The vulnerability of the Variant Management component in the SAP UI5 software platform, related to the lack of measures for cleaning incoming data, allows attackers to execute cross-site scripting attacks (Stored XSS).

The vulnerability of the Grantor Management component in the SAP CRM ABAP integration module for managing customer relationships is related to the lack of measures to cleanse input data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks Stored XSS...

CVE-2023-33991

SAP UI5 Variant Management - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting Stored XSS vulnerability. After successful exploitation, an attacke...

CVE-2023-33991

SAP UI5 Variant Management - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting Stored XSS vulnerability. After successful exploitation, an attacke...

Cross site scripting

SAP UI5 Variant Management - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting Stored XSS vulnerability. After successful exploitation, an attacke...

CVE-2023-33991 Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management

SAP UI5 Variant Management - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting Stored XSS vulnerability. After successful exploitation, an attacke...

CVE-2023-33991 Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management

SAP UI5 Variant Management - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting Stored XSS vulnerability. After successful exploitation, an attacke...

CVE-2023-33991

CVE-2023-33991 affects SAP UI5 Variant Management (SAP_UI 750–757, UI_700 200). The vulnerability is a Stored XSS caused by insufficient encoding of user-controlled inputs when reading data from the server. The impact described across sources is high confidentiality impact with some information m...

SAP Variant Management 跨站脚本漏洞

SAP Variant Management is a platform from SAP, Germany, for storing user-created settings for Smart Filter Fields and settings created for Smart Forms. A cross-site scripting vulnerability exists in SAP Variant Management that stems from the presence of a stored cross-site scripting XSS...

PT-2023-3746 · Sap · Sap Ui5 Variant Management

Name of the Vulnerable Software and Affected Versions: SAP UI5 Variant Management versions SAP UI 750 through SAP UI 757, UI 700 200 Description: The issue is related to insufficient encoding of user-controlled inputs when reading data from the server, resulting in a Stored Cross-Site Scripting...