exploitDog

GHSA-8m7r-6hjg-hjwm

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability.

The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability.

Ссылки

EPSS

Процентиль: 54%

0.00313

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-2371

CVSS3: 6.1

nvd

почти 8 лет назад

The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability.

EPSS

Процентиль: 54%

0.00313

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79