Input validation

2020-06-1013:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.9%

JSON

SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist.

CPENameOperatorVersion
solution_managereq7.20

CPE	Name	Operator	Version
	solution_manager	eq	7.20

References

launchpad.support.sap.com/

wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775