267 matches found
CVE-2023-27499
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...
Cross site scripting
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...
CVE-2023-27499 Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...
CVE-2023-27499 Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...
CVE-2023-27499
SAP GUI for HTML is affected by a reflected XSS due to insufficient encoding of user-controlled inputs. AFFECTED versions include KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91 and KRNL64UC (including 7.22EXT). An attacker can lure a user to click a crafted URL and execute script in the us...
SAP GUI 跨站脚本漏洞
SAP GUI is an application from SAP, a German company. graphical user interface for SAP systems. A cross-site scripting vulnerability exists in SAP GUI for HTML, which stems from not adequately cleaning up user-controlled input. The following versions are affected: KERNEL versions 7.22, 7.53, 7.54...
SAP GUI OS Command Injection Vulnerability
SAP GUI is an application of SAP, the graphical user interface of the SAP system. SAP GUI is vulnerable to operating system command injection, which results from the failure of the network system or product to properly filter special characters, commands, etc. during the execution of commands...
CVE-2022-41205
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application...
CVE-2022-41205
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application...
Code injection
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application...
CVE-2022-41205
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application...
CVE-2022-41205
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries which can cause a limited impact on confidentiality and high impact on availability of the application...
PT-2022-25728 · Sap · Sap Gui
Name of the Vulnerable Software and Affected Versions: SAP GUI affected versions not specified Description: The issue allows an authenticated attacker to execute scripts in the local network. On successful exploitation, the attacker can gain access to registries, which can cause a limited impact ...
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user...
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user...
Cross site scripting
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user...
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user...
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user...
PT-2022-24996 · Sap · Sap Gui For Html
Name of the Vulnerable Software and Affected Versions: SAP GUI for HTML affected versions not specified Description: The issue allows an attacker with no prior authentication to craft and send malicious scripts to SAP GUI for HTML within Fiori Launchpad, resulting in a reflected cross-site...
SAP GUI 跨站脚本漏洞
SAP GUI is a software application from SAP, a German company. graphical user interface for SAP systems. A cross-site scripting vulnerability exists in SAP GUI that originates from a malicious script that can be written for HTML in Fiori Launchpad and sent to SAP GUI, which can be exploited by an...