2 matches found
SAP Afaria 7 Cross Site Scripting Vulnerability
SAP Afaria version 7 suffers from a stored cross site scripting vulnerability. Application: SAP Afaria Versions Affected: SAP Afaria 7, probably others Vendor URL: http://SAP.com Bugs: Stored XSS Send: 18.02.2015 Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015...
CVE-2015-6663
CVE-2015-6663 is a stored XSS vulnerability in SAP Afaria 7 affecting the Device Inspector page, specifically the Client form. The issue arises because the Client name field data is inserted into the page without proper escaping, enabling an attacker to inject arbitrary script via crafted data. T...