Lucene search
PRIOn knowledge basePRION:CVE-2020-6272HistoryOct 15, 2020 - 2:15 a.m.
Cross site scripting
2020-10-1502:15:00
PRIOn knowledge base
www.prio-n.com
4
0.001 Low
EPSS
Percentile
22.7%
SAP Commerce Cloud versions - 1808, 1811, 1905, 2005, does not sufficiently encode user inputs, which allows an authenticated and authorized content manager to inject malicious script into several web CMS components. These can be saved and later triggered, if an affected web page is visited, resulting in Cross-Site Scripting (XSS) vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| commerce_cloud | eq | 1808 | |
| commerce_cloud | eq | 1811 | |
| commerce_cloud | eq | 1905 | |
| commerce_cloud | eq | 2005 |
Related
nvd
nvd
CVE-2020-6272
2020-10-15 02:15:12
cve
cve
CVE-2020-6272
2020-10-15 02:15:12
cvelist
cvelist
CVE-2020-6272
2020-10-15 01:46:38