exploitDog

CVE-2014-9569

Опубликовано: 07 янв. 2015

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver Business Client (NWBC) for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) roundtrips parameter, aka SAP Security Note 2051285.

Ссылки

http://secunia.com/advisories/62017
http://www.securitytracker.com/id/1031509
http://www.senseofsecurity.com.au/advisories/SOS-14-005
Exploit
URL Repurposed
http://secunia.com/advisories/62017
http://www.securitytracker.com/id/1031509
http://www.senseofsecurity.com.au/advisories/SOS-14-005
Exploit
URL Repurposed

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:netweaver_business_client_for_html:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00254

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-hvrm-q5xx-h2xh

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver Business Client (NWBC) for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) roundtrips parameter, aka SAP Security Note 2051285.

EPSS

Процентиль: 48%

0.00254

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79