2 matches found
CVE-2020-6323
SAP NetWeaver Enterprise Portal Fiori Framework Page versions - 7.50, 7.31, 7.40, does not sufficiently encode user-controlled inputs and allows an attacker on a valid session to create an XSS that will be both reflected immediately and also be persisted and returned in further access to the...
CVE-2020-6323
The CVE-2020-6323 entry describes a Cross-Site Scripting vulnerability in SAP NetWeaver Enterprise Portal (Fiori Framework Page) for versions 7.50, 7.31, and 7.40. The underlying issue is inadequate encoding of user-controlled inputs, allowing an attacker with a valid session to craft input that ...