2 matches found
CVE-2013-7357
Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors...
CVE-2018-17862
The CVE describes a cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Fiori. An attacker can inject arbitrary web script via the sys_jdbc parameter to the path /TestJDBC_Web/test2. Affected software is SAP J2EE Engine/7.01/Fiori; the issue is tied to improper handling/validation of...