The vulnerability in the web application for managing and administering the SAP Commerce Backoffice platform, related to the lack of protective measures for the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the web application for managing and administering the SAP Commerce Backoffice platform is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability in the web application for managing and administering the SAP Commerce Backoffice platform arises from the lack of protective measures for the website structure. This allows attackers who operate remotely to carry out cross-site scripting attacks.

The vulnerability in the web application for managing and administering the SAP Commerce Backoffice platform is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVE-2024-45278 Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice

SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application...

CVE-2024-45278

CVE-2024-45278 is a Cross-Site Scripting (XSS) vulnerability in SAP Commerce Backoffice caused by insufficient encoding of user-controlled inputs. The issue affects SAP Commerce Backoffice web application content handling and can lead to limited impacts on confidentiality and integrity after expl...

SAP Commerce 跨站脚本漏洞

SAP Commerce Backoffice is a powerful tool for managing and maintaining e-commerce websites, allowing administrators and operations teams to easily manage website content and configuration. SAP Commerce Backoffice suffers from a cross-site scripting vulnerability that can be exploited by remote...

CVE-2024-41735

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability causing low impact on confidentiality and integrity of the application...

CVE-2024-41735

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability causing low impact on confidentiality and integrity of the application...

PT-2024-29545 · Sap · Sap Commerce Backoffice

Name of the Vulnerable Software and Affected Versions: SAP Commerce Backoffice affected versions not specified Description: The issue is related to the insufficient encoding of user-controlled inputs in the SAP Commerce Backoffice application, resulting in a Cross-Site Scripting XSS vulnerability...