J2ee Engine@7.01 Security Vulnerabilities and Issues — J2ee Engine@7.01 CVE List

Lucene search

SapJ2ee Engine7.01

3 matches found

CVE•added 2021/08/09 7:15 p.m.•42 views

CVE-2018-17865

A cross-site scripting (XSS) vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

6.1CVSS5.9AI score0.00222EPSS

CVE•added 2021/08/09 7:15 p.m.•41 views

CVE-2018-17862

A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Fiori allows remote attackers to inject arbitrary web script via the sys_jdbc parameter to /TestJDBC_Web/test2. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

6.1CVSS5.9AI score0.00467EPSS

CVE•added 2021/08/09 7:15 p.m.•35 views

CVE-2018-17861

A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Portal/EPP allows remote attackers to inject arbitrary web script via the wsdlLib parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

6.1CVSS5.9AI score0.00467EPSS