The vulnerability of the user interface of the SAP CRM WebClient UI, which allows an attacker to perform XSS attacks.

The vulnerability of the SAP CRM WebClient UI user interface lies in the lack of security measures taken to protect the web page structure. Exploiting this vulnerability allows an attacker to execute XSS attacks remotely...

PT-2024-3898 · Sap · Sap Crm Webclient Ui

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions S4FND 102 through S4FND 106 SAP CRM WebClient UI versions WEBCUIF 701 through WEBCUIF 801 Description: The SAP CRM WebClient UI does not sufficiently encode user-controlled inputs, resulting in a Cross-Site...

The vulnerability of the user interface of the SAP CRM WebClient UI, which allows an attacker to perform XSS attacks.

The vulnerability of the SAP CRM WebClient UI user interface lies in the lack of security measures taken to protect the web page structure. Exploiting this vulnerability allows an attacker to execute XSS attacks remotely...

CVE-2023-30742

SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 700, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting...

SAP CRM 安全漏洞

SAP CRM is a customer relationship management system from SAP, Germany. A security vulnerability exists in SAP CRM WebClient UI that originates from a vulnerability that allows an attacker to modify the HTTP verbs used in a request via a web server, which could lead to the exposure of form fields...

PT-2023-22191 · Sap · Sap Crm

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801 Description: The issue allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This...

CVE-2023-23594

An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes...

CVE-2023-23594

The CVE-2023-23594 case concerns the CL4NX printer web client interface. Affected: CL4NX printer firmware prior to 1.13.3-u724_r2; vulnerability is an authentication bypass allowing remote, unauthenticated attackers to perform actions intended for authenticated users (e.g., file uploads, configur...

CVE-2023-23594

An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes...

Unspecified Spoofing Vulnerability in SAP Customer Relationship Management (CRM) IC WebClient

SAP Customer Relationship Management is a customer relationship management solution. An unspecified spoofing vulnerability exists in SAP Customer Relationship Management CRM IC WebClient, which can be exploited by attackers to conduct spoofing attacks and perform unauthorized operations...

SAP Customer Relationship Management (CRM) WebClient UI Cross-Site Scripting Vulnerability

SAP Customer Relationship Management is a customer relationship management solution. A cross-site scripting vulnerability exists in the SAP Customer Relationship Management CRM WebClient UI. A remote attacker could exploit the vulnerability to execute arbitrary script code in an unsuspecting user...

CVE-2014-3878

Multiple cross-site scripting XSS vulnerabilities in the web client interface in Ipswitch IMail Server 12.3 and 12.4, possibly before 12.4.1.15, allow remote attackers to inject arbitrary web script or HTML via 1 the Name field in an add new contact action in the Contacts section or unspecified...

CVE-2014-3878

Ipswitch IMail Server web client interface (12.3 and 12.4, possibly before 12.4.1.15) contains multiple cross-site scripting (XSS) vulnerabilities. The flaws allow remote attackers to inject arbitrary web script or HTML via (1) the Name field when adding a new contact, (2) an Add Group action in ...