Описание
A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized attackers to conduct XSS attacks, which might lead to disclose sensitive data.
Ссылки
- Third Party Advisory
- Mailing ListThird Party Advisory
- Permissions Required
- Vendor Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:knowledge_warehouse:7.30:*:*:*:*:*:*:*
cpe:2.3:a:sap:knowledge_warehouse:7.31:*:*:*:*:*:*:*
cpe:2.3:a:sap:knowledge_warehouse:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:knowledge_warehouse:7.50:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.40784
Средний
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
около 4 лет назад
A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized attackers to conduct XSS attacks, which might lead to disclose sensitive data.
EPSS
Процентиль: 97%
0.40784
Средний
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79