Lucene search
K

40 matches found

CVE
CVE
added yesterday9 views

CVE-2026-44768

Summary: CVE-2026-44768 affects the SAP CRM WebClient UI. The vulnerability arises from the absence of a Content Security Policy (CSP) configuration for certain restrictive directives, enabling an attacker to inject and execute malicious scripts in the application context. According to the source...

4.1CVSS6.2AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added yesterday8 views

EUVD-2026-43592

SAP CRM WebClient UI allows an attacker to inject and execute malicious scripts in the context of the application due to the absence of a Content Security Policy CSP configuration for certain restrictive directives. This vulnerability has a low impact on the integrity of the application...

4.1CVSS6.2AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-14219

Malware in sbrugna...

6.1CVSS6.3AI score0.0098EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-1018

Malware in sbrugna...

5.4CVSS5.5AI score0.00758EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-34985

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00266EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-19726

Malicious code in bioql PyPI...

7.6CVSS7.6AI score0.00323EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:38 a.m.10 views

CVE-2024-24742

SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker wi...

4.1CVSS6AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:46 a.m.8 views

CVE-2023-29188

SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS...

5.4CVSS5.7AI score0.00366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:39 p.m.13 views

CVE-2024-22130

Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, S4FND 108, WEBCUIF 700, WEBCUIF 701, WEBCUIF 730, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled...

7.6CVSS6.3AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2024/07/09 4:15 a.m.5 views

CVE-2024-37173

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify...

6.1CVSS5.8AI score0.00266EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 4:7 a.m.27 views

CVE-2024-37175 [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)

SAP CRM WebClient does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to access some sensitive information...

4.3CVSS0.00304EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/09 4:4 a.m.25 views

CVE-2024-39598 [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)

SAP CRM WebClient UI Framework allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the applicati...

5CVSS6.5AI score0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/09 3:57 a.m.18 views

CVE-2024-37173 [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify...

6.1CVSS6.8AI score0.00266EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 3:57 a.m.26 views

CVE-2024-37173 [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify...

6.1CVSS0.00266EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/10 12:0 a.m.5 views

PT-2024-26106 · Sap · Sap Crm Webclient Ui

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI affected versions not specified Description: The issue arises due to insufficient input validation, allowing an unauthenticated attacker to craft a URL link that embeds a malicious script. When a victim clicks on this lin...

6.1CVSS6.9AI score0.00266EPSS
Exploits0References5
OSV
OSV
added 2024/02/13 3:15 a.m.5 views

CVE-2024-24742

SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker wi...

4.1CVSS5.8AI score0.00329EPSS
Exploits0References2
OSV
OSV
added 2024/02/13 3:15 a.m.6 views

CVE-2024-22130

Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, S4FND 108, WEBCUIF 700, WEBCUIF 701, WEBCUIF 730, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled...

5.4CVSS5.8AI score0.00323EPSS
Exploits0References2
Prion
Prion
added 2024/02/13 3:15 a.m.17 views

Cross site scripting

SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker wi...

3.5CVSS6.2AI score0.00329EPSS
Exploits0References2
Prion
Prion
added 2024/02/13 3:15 a.m.21 views

Cross site scripting

Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, S4FND 108, WEBCUIF 700, WEBCUIF 701, WEBCUIF 730, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled...

4.9CVSS6.5AI score0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/13 2:42 a.m.26 views

CVE-2024-24742 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)

SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker wi...

4.1CVSS6.1AI score0.00329EPSS
Exploits0References2
Rows per page
Query Builder