Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:20 a.m.6 views

CVE-2021-33675

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting XSS vulnerability through phishing and to execute arbitrary code on the victim's browser...

6.1CVSS6.2AI score0.00759EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:20 a.m.14 views

CVE-2021-33674

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting XSS vulnerability when creating a new email and to execute arbitrary code on the victim's browser...

6.5CVSS6.2AI score0.0074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:52 a.m.6 views

CVE-2021-33672

Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the...

9.6CVSS7.2AI score0.01065EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-20350

Malware in sbrugna...

8.3CVSS7.3AI score0.0081EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-20351

Malware in sbrugna...

6.5CVSS6.5AI score0.0074EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-20352

Malware in sbrugna...

6.1CVSS6.3AI score0.00759EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-20349

Malware in sbrugna...

9.6CVSS9.4AI score0.01065EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:8 p.m.8 views

CVE-2021-33673

Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. This allows an attacker to exploit a Stored Cross-Site Scripting XSS vulnerability when a user browses through the employee directory and to execute arbitrary code ...

8.3CVSS5.9AI score0.0081EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/17 12:0 a.m.8 views

SAP Contact Center Cross-Site Scripting Vulnerability (CNVD-2025-02856)

SAP Contact Center is a new cloud service from SAP that is built on top of SAP's on-premise contact center software, putting modern contact center solutions at the agent's fingertips. A cross-site scripting vulnerability exists in SAP Contact Center 700. The vulnerability stems from the program n...

9.6CVSS6.4AI score0.01065EPSS
Exploits0References1
OSV
OSV
added 2021/09/14 12:15 p.m.4 views

CVE-2021-33675

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting XSS vulnerability through phishing and to execute arbitrary code on the victim's browser...

6.1CVSS6.1AI score0.00759EPSS
Exploits0References2
NVD
NVD
added 2021/09/14 12:15 p.m.19 views

CVE-2021-33673

Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. This allows an attacker to exploit a Stored Cross-Site Scripting XSS vulnerability when a user browses through the employee directory and to execute arbitrary code ...

8.3CVSS0.0081EPSS
Exploits0References2
OSV
OSV
added 2021/09/14 12:15 p.m.5 views

CVE-2021-33673

Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. This allows an attacker to exploit a Stored Cross-Site Scripting XSS vulnerability when a user browses through the employee directory and to execute arbitrary code ...

6.1CVSS7.1AI score
Exploits0References2
OSV
OSV
added 2021/09/14 12:15 p.m.4 views

CVE-2021-33674

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting XSS vulnerability when creating a new email and to execute arbitrary code on the victim's browser...

6.1CVSS6.1AI score0.0074EPSS
Exploits0References2
NVD
NVD
added 2021/09/14 12:15 p.m.23 views

CVE-2021-33672

Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the...

9.6CVSS0.01065EPSS
Exploits0References2
NVD
NVD
added 2021/09/14 12:15 p.m.20 views

CVE-2021-33674

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting XSS vulnerability when creating a new email and to execute arbitrary code on the victim's browser...

6.5CVSS0.0074EPSS
Exploits0References2
Prion
Prion
added 2021/09/14 12:15 p.m.18 views

Cross site scripting

Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. This allows an attacker to exploit a Stored Cross-Site Scripting XSS vulnerability when a user browses through the employee directory and to execute arbitrary code ...

4.3CVSS5.8AI score0.0081EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/09/14 12:15 p.m.13 views

Cross site scripting

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting XSS vulnerability when creating a new email and to execute arbitrary code on the victim's browser...

4.3CVSS6.1AI score0.0074EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/09/14 12:15 p.m.17 views

Design/Logic Flaw

Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the...

9.3CVSS9.2AI score0.01065EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/09/14 12:15 p.m.19 views

Cross site scripting

Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user-controlled inputs. This allows an attacker to exploit a Reflected Cross-Site Scripting XSS vulnerability through phishing and to execute arbitrary code on the victim's browser...

4.3CVSS6.1AI score0.00759EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/09/14 11:21 a.m.23 views

CVE-2021-33672

Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the...

9.6CVSS9.6AI score0.01065EPSS
Exploits0References2
Rows per page
Query Builder