Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer Edition DB 1.00.091.00.1418659308 allows remote authenticated users to execute arbitrary XSJS code via unspecified vectors, aka SAP Security Note 2153892.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP HANA Developer Edition DB Eval注入漏洞
Vulnerability Description
SAP HANA是德国思爱普(SAP)公司的一套高性能的实时数据分析平台,它提供数据查询功能,用户可直接对大量实时业务数据进行查询和分析。SAP HANA Developer Edition DB是其中的一个开发版数据库。 SAP HANA Developer Edition DB 1.00.091.00.1418659308版本的Web-based Development Workbench中的test-net.xsjs文件存在Eval注入漏洞。远程攻击者可利用该漏洞执行任意XSJS代码。
CVSS Information
N/A
Vulnerability Type
N/A