exploitDog

GHSA-v63x-mvcc-j8h6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML), versions - KRNL64NUC - 7.49, KRNL64UC - 7.49,7.53, KERNEL - 7.49,7.53,7.77,7.81,7.84, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML), versions - KRNL64NUC - 7.49, KRNL64UC - 7.49,7.53, KERNEL - 7.49,7.53,7.77,7.81,7.84, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Ссылки

EPSS

Процентиль: 47%

0.00237

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-33665

CVSS3: 5.4

nvd

больше 4 лет назад

SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML), versions - KRNL64NUC - 7.49, KRNL64UC - 7.49,7.53, KERNEL - 7.49,7.53,7.77,7.81,7.84, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

EPSS

Процентиль: 47%

0.00237

Низкий

CVE ID

Дефекты

CWE-79