exploitDog

GHSA-82mv-hh8r-x8q6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.

SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.

Ссылки

EPSS

Процентиль: 52%

0.00287

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-0369

CVSS3: 5.4

nvd

больше 6 лет назад

SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.

BDU:2020-00044

CVSS3: 5.4

fstec

больше 6 лет назад

Уязвимость веб-приложения SAP Financial Consolidation, связанная с отсутствием мер по очистке входных данных, позволяющая нарушителю осуществлять межсайтовые сценарные атаки

EPSS

Процентиль: 52%

0.00287

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79