The SAP Commerce (SmartEdit Extension), versions- 6.6, 6.7, 1808, 1811, is vulnerable to client-side angularjs template injection, a variant of Cross-Site-Scripting (XSS) that exploits the templating facilities of the angular framework.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap commerce cloud 6.6 |
||
sap commerce cloud 6.7 |
||
sap commerce cloud 1808 |
||
sap commerce cloud 1811 |