5 matches found
CVE-2025-26662
The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This...
CVE-2025-26662
creationtimestamp| type| source ---|---|--- 2025-05-13 05:30:30+00:00| seen| https://t.me/cvedetector/25154 2025-05-13 14:30:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16133...
CVE-2025-26662 Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console
The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This...
CVE-2025-26662
CVE-2025-26662 describes a Cross-Site Scripting vulnerability in the SAP Data Services Management Console caused by insufficient encoding of user-controlled input. If a logged-in user clicks a crafted link, injected script executes in the victim’s browser, potentially impacting confidentiality an...
CVE-2025-26662 Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console
The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This...