Lucene search
Disclosure Management Security Vulnerabilities - CVSS Score 5 - 6
cve
SAP Disclosure Management (before version 10.1 Stack 1301) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
5.4CVSS
5.3AI Score
0.001EPSS
2019-02-15 06:29 PM
26
cve
Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leading to sensitive cookie without Http Only flag.
5.4CVSS
5.4AI Score
0.001EPSS
2020-07-14 01:15 PM
19
2
cve
SAP Disclosure Management, before version 10.1, does not validate user input properly in specific use cases leading to Cross-Site Scripting.
5.4CVSS
5.5AI Score
0.001EPSS
2020-01-14 06:15 PM
25