2 matches found
CVE-2018-17861
SAP J2EE Engine/7.01/Portal/EPP contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script via the wsdlLib parameter to the /ctcprotocol/Protocol endpoint. The issue arises from inadequate validation/sanitization of untrusted data, and is appli...
SAP J2EE Engine/7.01/Portal/EPP Protocol Cross Site Scripting
I. VULNERABILITY ------------------------- SAP J2EE Engine/7.01/Portal/EPP Reflected Cross Site Scripting XSS II. CVE REFERENCE ------------------------- CVE-2018-17861 III. VENDOR ------------------------- https://www.sap.com IV. TIMELINE ------------------------- 10/08/2018 Vulnerability...