10 matches found
CVE-2022-22529
SAP Enterprise Threat Detection ETD - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its...
CVE-2020-6254
SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting...
CVE-2022-22529
SAP Enterprise Threat Detection ETD - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its...
CVE-2022-22529
SAP Enterprise Threat Detection ETD - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its...
Design/Logic Flaw
SAP Enterprise Threat Detection ETD - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its...
CVE-2022-22529
SAP Enterprise Threat Detection ETD - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its...
PT-2022-15498 · Sap · Sap Enterprise Threat Detection +1
Name of the Vulnerable Software and Affected Versions: SAP Enterprise Threat Detection ETD version 2.0 Description: The issue arises from insufficient encoding of user-controlled inputs, potentially leading to an unauthorized attacker exploiting an XSS vulnerability. However, the UIs in ETD utili...
CVE-2020-6254
SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting...
CVE-2020-6254
SAP Enterprise Threat Detection, versions 1.0 and 2.0, has a reflected XSS vulnerability due to insufficient encoding of error response pages. The issue allows payloads to be reflected in responses. Connected sources (NVD/Red Hat CNVD/CVE records) corroborate the flaw and its impact but do not pr...
CVE-2020-6254
SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting...