J2ee Engine Security Vulnerabilities and Issues — J2ee Engine CVE List

Lucene search

SapJ2ee Engine

4 matches found

CVE•added 2021/08/09 7:15 p.m.•42 views

CVE-2018-17865

A cross-site scripting (XSS) vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

6.1CVSS5.9AI score0.00222EPSS

CVE•added 2021/08/09 7:15 p.m.•41 views

CVE-2018-17862

A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Fiori allows remote attackers to inject arbitrary web script via the sys_jdbc parameter to /TestJDBC_Web/test2. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

6.1CVSS5.9AI score0.00467EPSS

CVE•added 2021/08/09 7:15 p.m.•35 views

CVE-2018-17861

A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Portal/EPP allows remote attackers to inject arbitrary web script via the wsdlLib parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

6.1CVSS5.9AI score0.00467EPSS

CVE•added 2014/04/10 8:55 p.m.•29 views

CVE-2013-7357

Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors.

5CVSS6.5AI score0.0025EPSS