4 matches found
CVE-2019-0368
SAP Customer Relationship Management Email Management, versions: S4CRM before 1.0 and 2.0, BBPCRM before 7.0, 7.01, 7.02, 7.12, 7.13 and 7.14, does not sufficiently encode user-controlled inputs within the mail client resulting in Cross-Site Scripting vulnerability...
SAP CRM Cross-Site Scripting Vulnerability
SAP CRM is a customer relationship management system from SAP, a German company. A cross-site scripting vulnerability exists in SAP CRM that stems from insufficient input validation, allowing an unauthenticated attacker to craft URL links embedded with malicious scripts to be able to access and/o...
CVE-2021-33676
A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 713, 714, could be leveraged by an attacker with high privileges to compromise confidentiality, integrity, or availability of the system...
SAP Customer Relationship Management (CRM) WebClient UI Cross-Site Scripting Vulnerability
SAP Customer Relationship Management is a customer relationship management solution. A cross-site scripting vulnerability exists in the SAP Customer Relationship Management CRM WebClient UI. A remote attacker could exploit the vulnerability to execute arbitrary script code in an unsuspecting user...