SAP E-Commerce (Business-to-Consumer) application does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Fixed in the following components SAP-CRMJAV SAP-CRMWEB SAP-SHRWEB SAP-SHRJAV SAP-CRMAPP SAP-SHRAPP, versions 7.30, 7.31, 7.32, 7.33, 7.54.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap e-commerce 7.30 |
||
sap e-commerce 7.31 |
||
sap e-commerce 7.32 |
||
sap e-commerce 7.33 |
||
sap e-commerce 7.54 |