4 matches found
CVE-2025-0059
Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input in the local browser storage to improve usability. An attacker with administrative privileges or access to the victim�s user directory on the Operating System level would be able to read this data...
SAP GUI 跨站脚本漏洞
SAP GUI is an application from SAP, a German company. graphical user interface for SAP systems. A cross-site scripting vulnerability exists in SAP GUI for HTML, which stems from not adequately cleaning up user-controlled input. The following versions are affected: KERNEL versions 7.22, 7.53, 7.54...
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user...
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user...