Lucene search
K

4 matches found

CVE
CVE
added 2023/06/13 2:49 a.m.62 views

CVE-2023-33991

CVE-2023-33991 affects SAP UI5 Variant Management (SAP_UI 750–757, UI_700 200). The vulnerability is a Stored XSS caused by insufficient encoding of user-controlled inputs when reading data from the server. The impact described across sources is high confidentiality impact with some information m...

8.2CVSS7.5AI score0.00481EPSS
CVE
CVE
added 2019/11/13 10:17 p.m.52 views

CVE-2019-0388

CVE-2019-0388 affects the SAP UI5 HTTP Handler and is due to insufficient URL validation, enabling an attacker to manipulate content. The vulnerability is addressed by fixes in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 v2.0. Exploitation details are not provided in the connected ...

5.3CVSS5.2AI score0.00727EPSS
CVE
CVE
added 2018/06/12 3:0 p.m.46 views

CVE-2018-2424

CVE-2018-2424 affects SAP Hana Database (1.00, 2.00), SAP UI5 (1.00; Java) with SAP UI5 versions 7.30–7.50 (and 7.50, 7.51, 7.52) and SAP UI for SAP NetWeaver 7.00 (2.0). The root cause is failure to validate user input before adding it to the DOM, enabling attacker-supplied JavaScript to be inje...

9.8CVSS7.5AI score0.02396EPSS
CVE
CVE
added 2018/06/12 3:0 p.m.36 views

CVE-2018-2428

CVE-2018-2428 affects SAP Infrastructure 1.0, SAP UI 7.4/7.5/7.51/7.52, and SAP UI for SAP NetWeaver 7.00 (version 2.0). The description indicates that under certain conditions the SAP UI5 Handler can allow an attacker to access information that should be restricted, constituting an information d...

5.3CVSS5.2AI score0.01759EPSS