3 matches found
CVE-2019-0319
CVE-2019-0319 affects the SAP Gateway products listed (versions 7.5, 7.51, 7.52, 7.53). The root cause described is input content injection that can be displayed as an error message, enabling an attacker to mislead users into thinking the message is from the legitimate service. The connected docu...
CVE-2018-2424
CVE-2018-2424 affects SAP Hana Database (1.00, 2.00), SAP UI5 (1.00; Java) with SAP UI5 versions 7.30–7.50 (and 7.50, 7.51, 7.52) and SAP UI for SAP NetWeaver 7.00 (2.0). The root cause is failure to validate user input before adding it to the DOM, enabling attacker-supplied JavaScript to be inje...
CVE-2021-21476
CVE-2021-21476 (SAP UI5) affects SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, and 1.86.1. The vulnerability is described as an open redirect caused by Reverse Tabnabbing, allowing an unauthenticated attacker to redirect users to a malicious site. The connec...