CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/05/22 4:45 p.m.•5 views

CVE-2020-6305

PI Rest Adapter of SAP Process Integration update provided in SAPXIAF 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

6.1CVSS6AI score0.0028EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:45 p.m.•6 views

CVE-2020-6222

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.9AI score0.00235EPSS

Exploits0References1

OSV•added 2022/06/06 8:15 p.m.•1 views

CVE-2020-6220

BI Launchpad and CMC in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. Exploit is possible only when the bttoken in victim’s session is active...

4.7CVSS5.8AI score0.00149EPSS

Exploits0References2

OSV•added 2021/06/09 2:15 p.m.•1 views

CVE-2021-33665

SAP NetWeaver Application Server ABAP Applications based on SAP GUI for HTML, versions - KRNL64NUC - 7.49, KRNL64UC - 7.49,7.53, KERNEL - 7.49,7.53,7.77,7.81,7.84, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS6.3AI score

Exploits0References2

OSV•added 2020/09/09 1:15 p.m.•2 views

CVE-2020-6283

SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting XSS vulnerability. With a successful attack, the attacker can steal...

6.1CVSS5.9AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by