Lucene search
K

5 matches found

Prion
Prion
added 2022/07/12 9:15 p.m.12 views

Cross site scripting

SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a...

4.3CVSS5.9AI score0.00664EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/07/12 9:15 p.m.17 views

Cross site scripting

SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting XSS vulnerability, therefore changing the scope of the attack. This leads to limited impact on...

4.3CVSS5.9AI score0.00565EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/05 12:0 a.m.8 views

PT-2022-4924 · Sap · Sap Enterprise Portal

Name of the Vulnerable Software and Affected Versions: SAP Enterprise Portal versions 7.10 through 7.50 Description: The issue is related to the lack of protection for the web page structure, allowing a remote attacker to view, add, modify, or delete data. This is due to insufficient encoding of...

6.4CVSS6AI score0.00664EPSS
Exploits0References7
Prion
Prion
added 2020/10/15 2:15 a.m.20 views

Cross site scripting

SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different symbols which are otherwise not allowed. On successful exploitation an attacker can steal...

4.3CVSS6.4AI score0.00905EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/12/11 10:29 p.m.28 views

CVE-2018-2504

SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting XSS vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50...

6.1CVSS6AI score0.01064EPSS
Exploits0References3
Rows per page
Query Builder