2 matches found
CVE-2018-2371
The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting XSS vulnerability...
CVE-2018-2371
CVE-2018-2371 affects SAP NetWeaver AS Java Web Application (SAML 2.0 SP) 7.50. The issue is insufficient encoding of user-controlled inputs, causing Cross-Site Scripting (XSS). CVSSv3 base 6.1 (NETWORK, LOW ATTACK COMPLEXITY, UI REQUIRED, CHANGED SCOPE; CONFIDENTIALITY/INTEGRITY LOW) and CVSSv2 ...