Lucene search
K

59 matches found

RedhatCVE
RedhatCVE
added 2026/01/14 1:22 a.m.6 views

CVE-2026-0514

Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...

6.1CVSS5.5AI score0.00168EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 2:15 a.m.13 views

CVE-2026-0514

Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...

6.1CVSS0.00168EPSS
Exploits0References2
OSV
OSV
added 2026/01/13 2:15 a.m.4 views

CVE-2026-0514

Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...

6.1CVSS5.6AI score0.00168EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/13 1:16 a.m.5 views

CVE-2026-0514 Cross-Site Scripting (XSS) vulnerability in SAP Business Connector

Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...

6.1CVSS5AI score0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/01/13 1:16 a.m.20 views

CVE-2026-0514

SAP Business Connector is affected by a Cross-Site Scripting (XSS) vulnerability that allows an unauthenticated attacker to craft a malicious link which, when clicked by a user, can redirect to an attacker‑controlled site and potentially access or modify information in the webclient, impacting co...

6.1CVSS5AI score0.00168EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.9 views

PT-2026-2345

Name of the Vulnerable Software and Affected Versions SAP Business Connector affected versions not specified Description A Cross-Site Scripting XSS issue exists in SAP Business Connector. An unauthenticated attacker can create a malicious link. If a user clicks this link, they may be redirected t...

6.1CVSS5.5AI score0.00168EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.7 views

SAP Business Connector 跨站脚本漏洞

SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector that originates in cross-site scripting and could allow an unauthenticated attacker to craft a malicious link to redirect users to a site under the attacker's control,...

6.1CVSS5.6AI score0.00168EPSS
Exploits0References2
CNVD
CNVD
added 2025/11/14 12:0 a.m.2 views

SAP Business Connector Cross-Site Scripting Vulnerability (CNVD-2025-29169)

SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector due to improper validation of user-supplied input in the PRTG Web Monitor web interface. An attacker could exploit the vulnerability to access or modify information with...

6.1CVSS5.9AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 12:36 a.m.12 views

CVE-2025-42886

Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...

6.1CVSS5.7AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 12:36 a.m.6 views

CVE-2025-42892

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating...

6.8CVSS7.2AI score0.00905EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 12:36 a.m.10 views

CVE-2025-42894

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...

6.8CVSS7.2AI score0.00271EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 3:30 a.m.5 views

EUVD-2025-60992

Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...

6.1CVSS5.2AI score0.00237EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/11 3:30 a.m.8 views

EUVD-2025-60986

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...

6.1CVSS6AI score0.00223EPSS
Exploits0References3
OSV
OSV
added 2025/11/11 1:15 a.m.4 views

CVE-2025-42894

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...

6.8CVSS6AI score0.00271EPSS
Exploits0References2
OSV
OSV
added 2025/11/11 1:15 a.m.5 views

CVE-2025-42893

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...

6.1CVSS5.6AI score0.00223EPSS
Exploits0References2
NVD
NVD
added 2025/11/11 1:15 a.m.7 views

CVE-2025-42893

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...

6.1CVSS0.00223EPSS
Exploits0References2
NVD
NVD
added 2025/11/11 1:15 a.m.7 views

CVE-2025-42886

Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...

6.1CVSS0.00237EPSS
Exploits0References2
OSV
OSV
added 2025/11/11 1:15 a.m.3 views

CVE-2025-42892

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating...

6.8CVSS6AI score0.00905EPSS
Exploits0References2
OSV
OSV
added 2025/11/11 1:15 a.m.7 views

CVE-2025-42886

Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...

6.1CVSS5.9AI score0.00237EPSS
Exploits0References2
CVE
CVE
added 2025/11/11 12:19 a.m.14 views

CVE-2025-42894

SAP Business Connector is affected by a Path Traversal vulnerability. An attacker authenticated as an administrator with adjacent access can read, write, overwrite, and delete arbitrary files on the host, potentially enabling execution of arbitrary OS commands and full system compromise. The issu...

6.8CVSS6.9AI score0.00271EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder