CVE-2017-15294
CVE-2017-15294 affects SAP CRM’s Java administration console, with a cross-site scripting vulnerability in the Java-based admin UI. Root cause: insufficient input validation/execution of arbitrary script in a browser. Impact: browser-based XSS; CVSSv3 base score 6.1 (MEDIUM), network access, no p...