4 matches found
SAP xMII 15 Cross Site Scripting
Application: SAP xMII Versions Affected: SAP xMII 15 Vendor URL: http://SAP.com Bugs: XSS Sent: 04.12.2015 Reported: 05.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 12.04.2016 Reference: SAP Security Note 2201295 Author: Nursultan Abubakirov ERPScan , Vahagn Vardanyan ERPScan...
CVE-2016-4016
Cross-site scripting XSS vulnerability in SAP Manufacturing Integration and Intelligence aka MII, formerly xMII 15 allows remote attackers to inject arbitrary web script or HTML via the title parameter to webdynpro/resources/sap.com/xappsxmiiuiadminnavigation/NavigationApplication, aka SAP Securi...
CVE-2016-4016
CVE-2016-4016: SAP Manufacturing Integration Intelligence (MII / xMII) 15 is affected by a reflected cross-site scripting (XSS) vulnerability. An attacker can inject arbitrary script via the title parameter of the NavigationApplication URL (webdynpro/resources/sap.com/xapps~xmii~ui~admin~navigati...
SAP xMII - Reflected XSS vulnerability
Application: SAP NetWeaver AS JAV Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: SAP Bugs: XSS Reported: 05.05.2015 Vendor response: 06.05.2015 Date of Public Advisory: 12.04.2016 Reference: SAP Security Note 2201295 Author: Nursultan Abubakirov , Vahagn Vardanyan ERPScan VULNERABILITY...