Описание
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:solution_manager:7.20:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00189
Низкий
6.5 Medium
CVSS3
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-91
Связанные уязвимости
github
больше 3 лет назад
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist.
EPSS
Процентиль: 41%
0.00189
Низкий
6.5 Medium
CVSS3
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-91