CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SAP UI5 Variant Management - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting Stored XSS vulnerability. After successful exploitation, an attacke...

8.2CVSS6AI score0.00274EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:18 p.m.•7 views

CVE-2021-21476

SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

6.1CVSS6.8AI score0.00324EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:42 a.m.•7 views

CVE-2019-0388

SAP UI5 HTTP Handler corrected in SAPUI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI700 version 2.0 allows an attacker to manipulate content due to insufficient URL validation...

5.3CVSS6.8AI score0.00247EPSS

Exploits0References1

NVD•added 2023/06/13 3:15 a.m.•10 views

CVE-2023-33991

8.2CVSS7.5AI score0.00274EPSS

Exploits0References2

Prion•added 2023/06/13 3:15 a.m.•12 views

Cross site scripting

6CVSS7.2AI score0.00274EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/06/13 2:49 a.m.•11 views

CVE-2023-33991 Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management

8.2CVSS6AI score0.00274EPSS

Exploits0References2

Cvelist•added 2023/06/13 2:49 a.m.•15 views

CVE-2023-33991 Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management

8.2CVSS7.5AI score0.00274EPSS

Exploits0References2

Positive Technologies•added 2023/06/13 12:0 a.m.•3 views

PT-2023-3746 · Sap · Sap Ui5 Variant Management

Name of the Vulnerable Software and Affected Versions: SAP UI5 Variant Management versions SAP UI 750 through SAP UI 757, UI 700 200 Description: The issue is related to insufficient encoding of user-controlled inputs when reading data from the server, resulting in a Stored Cross-Site Scripting...

8.2CVSS7.2AI score0.00274EPSS

Exploits0References7

CNNVD•added 2023/05/09 12:0 a.m.•2 views

SAP SAPUI5 跨站脚本漏洞

SAP SAPUI5 is a JavaScript application framework from SAP, Germany. A cross-site scripting vulnerability exists in SAP SAPUI5. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

7.1CVSS5.9AI score0.0017EPSS

Exploits0References4

CNVD•added 2021/02/26 12:0 a.m.•9 views

SAP UI5 Open Redirect Vulnerability

SAP UI5 is a Java script-based framework for designing multi-platform business applications. It supports a variety of data models and views for desktop and mobile applications. An open redirection vulnerability exists in SAP UI5 versions 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4...

6.1CVSS6.8AI score0.00324EPSS

Exploits0References1

OSV•added 2021/02/09 9:15 p.m.•0 views

CVE-2021-21476

6.1CVSS5.9AI score

Exploits0References2

NVD•added 2021/02/09 9:15 p.m.•7 views

CVE-2021-21476

6.1CVSS0.00324EPSS

Exploits0References2

Cvelist•added 2021/02/09 8:44 p.m.•13 views

CVE-2021-21476

4.7CVSS6.5AI score0.00324EPSS

Exploits0References2

CNNVD•added 2021/02/09 12:0 a.m.•5 views

SAP UI5 输入验证错误漏洞

6.1CVSS6.2AI score0.00324EPSS

Exploits0References3

vulnersOsv•added 2020/01/08 11:33 a.m.•2 views

@sap/ui5-builder-webide-extension (=1.0.1), @sersap/ui5-build-tasks (>=0.0.8 <=0.0.13) +7 more potentially affected by CVE-2019-10778 via devcert-sanscache (=0.4.6)

devcert-sanscache NPM version =0.4.6 is affected by a known vulnerability. The following packages have a transitive dependency on devcert-sanscache and may be impacted: - @sap/ui5-builder-webide-extension =1.0.1 - @sersap/ui5-build-tasks =0.0.8, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =2.0.0, =1.0.0,...

9.8CVSS7.2AI score0.01921EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by