Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SAP Manufacturing Execution (System Rules), versions - 15.1, 15.2, 15.3, 15.4, allows an authorized attacker to embed malicious code into HTTP parameter and send it to the server because SAP Manufacturing Execution (System Rules) tab does not sufficiently encode some parameters, resulting in Stored Cross-Site Scripting (XSS) vulnerability. The malicious code can be used for different purposes. e.g., information can be read, modified, and sent to the attacker. However, availability of the server cannot be impacted.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP Manufacturing Execution 跨站脚本漏洞
Vulnerability Description
SAP Manufacturing Execution是德国思爱普(SAP)公司的一个用于离散制造过程的综合制造执行系统(MES)解决方案。使MES功能能够专门针对生产环境的管理和控制进行定制。 SAP Manufacturing Execution 存在安全漏洞,该漏洞允许授权攻击者将恶意代码嵌入到HTTP参数中,并将其发送到服务器。
CVSS Information
N/A
Vulnerability Type
N/A