Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP Hana DB、UI5和UI 安全漏洞
Vulnerability Description
SAP Hana DB、UI5和UI都是德国思爱普(SAP)公司的产品。SAP Hana DB是一个基于行和列的内存数据库。UI5和UI都是基于JavaScript的UI库,它集成了大量的UI控件。 SAP Hana DB、UI5和UI中存在安全漏洞,该漏洞源于程序在将用户输入添加到DOM框架之前没有验证该输入。攻击者可利用该漏洞向DOM中添加恶意的JavaScript代码,窃取用户信息。以下产品和版本受到影响:SAP Hana Database 1.00版本,2.00版本;SAP UI5 1.00版本;
CVSS Information
N/A
Vulnerability Type
N/A