2 matches found
CVE-2019-0238
SAP Commerce previously known as SAP Hybris Commerce, before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...
CVE-2019-0238
Summary: SAP Commerce (formerly SAP Hybris Commerce) before version 6.7 contains an XSS vulnerability caused by insufficient encoding of user-controlled inputs. This is documented in multiple sources (NVD CVE-2019-0238 and CNVD entry). Affected scope: pre-6.7 versions; no exact exploitation detai...