SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated malicious user to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap commerce cloud 1808 |
||
sap commerce cloud 1811 |
||
sap commerce cloud 1905 |
||
sap commerce cloud 2005 |
||
sap commerce cloud 2011 |