CVE-2021-27600
SAP Manufacturing Execution (System Rules) versions 15.1–15.4 are affected by a Stored XSS vulnerability caused by insufficient encoding of certain HTTP parameters in the System Rules tab. An authorized attacker could embed malicious code into HTTP parameters and have it processed by the server, ...