4 matches found
SAP Afaria 7 Cross Site Scripting Vulnerability
SAP Afaria version 7 suffers from a stored cross site scripting vulnerability. Application: SAP Afaria Versions Affected: SAP Afaria 7, probably others Vendor URL: http://SAP.com Bugs: Stored XSS Send: 18.02.2015 Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015...
Cross site scripting
Cross-site scripting XSS vulnerability in the Client form in the Device Inspector page in SAP Afaria 7 allows remote attackers to inject arbitrary web script or HTML via crafted client name data, aka SAP Security Note 2152669...
CVE-2015-6663
CVE-2015-6663 is a stored XSS vulnerability in SAP Afaria 7 affecting the Device Inspector page, specifically the Client form. The issue arises because the Client name field data is inserted into the page without proper escaping, enabling an attacker to inject arbitrary script via crafted data. T...
SAP Afaria - Stored XSS
Application: SAP Afaria 7 Vendor URL: http://www.sap.com Bugs: XSS Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2152669 Authors: Dmitry Chastukhin ERPScan Vulnerability information Class: XML External Entity CWE-79 Impact: Store...