SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability in storefronts that are based on the product. Fixed in versions (SAP Hybris Commerce, versions 6.2, 6.3, 6.4, 6.5, 6.6, 6.7).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap hybris 6.2 |
||
sap hybris 6.4 |
||
sap hybris 6.5 |
||
sap hybris 6.6 |
||
sap hybris 6.3 |
||
sap hybris 6.7 |