9 matches found
EUVD-2020-19361
Malware in sbrugna...
SAP Fiori Launchpad Cross-Site Scripting Vulnerability
SAP Fiori is SAP's user experience UX design system for SAP applications, which provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, providing a consistent, innovative experience for creators and users.SAP Fiori Launchpad is the SA...
CVE-2020-26825
SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...
CVE-2020-26825
SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...
Cross site scripting
SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...
CVE-2020-26825
SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...
CVE-2020-26825
SAP Fiori Launchpad News tile (News tile Application) suffers a Reflected XSS in versions 750–755 due to insufficient encoding of user-controlled inputs, enabling an unauthenticated attacker to send malicious code that can be read and potentially modified in the victim’s browser. Impact per recor...
CVE-2020-26815
SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external...
CVE-2020-26815
CVE-2020-26815 concerns SAP Fiori Launchpad News tile Application, affected in versions 750–755. The connected sources describe a Server-Side Request Forgery (SSRF) vulnerability where an unauthenticated attacker can send a crafted request to a vulnerable web application, potentially exposing sen...