Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/15 12:10 a.m.19 views

CVE-2025-26662

The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This...

4.4CVSS7AI score0.0017EPSS
Exploits0References1
circl
circl
added 2025/05/13 5:30 a.m.6 views

CVE-2025-26662

creationtimestamp| type| source ---|---|--- 2025-05-13 05:30:30+00:00| seen| https://t.me/cvedetector/25154 2025-05-13 14:30:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16133...

4.4CVSS4.8AI score0.0017EPSS
Exploits0References2
cvelist
cvelist
added 2025/05/13 12:9 a.m.13 views

CVE-2025-26662 Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console

The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This...

4.4CVSS0.0017EPSS
Exploits0References2
cve
cve
added 2025/05/13 12:9 a.m.71 views

CVE-2025-26662

CVE-2025-26662 describes a Cross-Site Scripting vulnerability in the SAP Data Services Management Console caused by insufficient encoding of user-controlled input. If a logged-in user clicks a crafted link, injected script executes in the victim’s browser, potentially impacting confidentiality an...

4.4CVSS4.8AI score0.0017EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/05/13 12:9 a.m.4 views

CVE-2025-26662 Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console

The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This...

4.4CVSS7.2AI score0.0017EPSS
Exploits0References2
Rows per page
Query Builder