4 matches found
CVE-2019-0311
Automotive Dealer Portal in SAP R/3 Enterprise Application versions: 600, 602, 603, 604, 605, 606, 616, 617 does not sufficiently encode user-controlled inputs, this makes it possible for an attacker to send unwanted scripts to the browser of the victim using unwanted input and execute malicious...
CVE-2019-0311
Summary: CVE-2019-0311 affects SAP R/3 Enterprise Application’s Automotive Dealer Portal (versions 600–617). It arises from insufficient encoding of user-controlled inputs, enabling Cross-Site Scripting (XSS) where an attacker’s input can execute scripts in a victim’s browser. Affected component:...
CVE-2019-0311
Automotive Dealer Portal in SAP R/3 Enterprise Application versions: 600, 602, 603, 604, 605, 606, 616, 617 does not sufficiently encode user-controlled inputs, this makes it possible for an attacker to send unwanted scripts to the browser of the victim using unwanted input and execute malicious...
CVE-2018-2436
CVE-2018-2436 affects SAP R/3 Enterprise Retail (EHP6): an authenticated user can escalate privileges due to missing authorization checks on transaction WRCK. Impact described as privilege escalation with high CVSS3 score (8.8) and notable network exposure. Documented references point to SAP Note...