2 matches found
CVE-2022-41266
Due to a lack of proper input validation, SAP Commerce Webservices 2.0 Swagger UI - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting XSS attack. As a result, an attacker may be able t...
CVE-2022-41266
CVE-2022-41266 affects SAP Commerce Webservices 2.0 (Swagger UI) across versions 1905, 2005, 2105, 2011, 2205. The root cause is a lack of proper input validation which allows malicious inputs to trigger a DOM XSS . Impact described in sources includes token theft and potential full account takeo...