Cross site scripting

2022-03-1017:47:00

PRIOn knowledge base

www.prio-n.com

0.002 Low

EPSS

Percentile

62.0%

Fiori launchpad - versions 754, 755, 756, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

CPENameOperatorVersion
fiori_launchpadeq754
fiori_launchpadeq755
fiori_launchpadeq756

Name	Operator	Version
fiori_launchpad	eq	754
fiori_launchpad	eq	755
fiori_launchpad	eq	756

References

packetstormsecurity.com/files/167561/SAP-Fiori-Launchpad-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2022/Jun/39

dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10

launchpad.support.sap.com/

0.002 Low

EPSS

Percentile

62.0%

Related for PRION:CVE-2022-26101