Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management
Vulnerability Description
SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
SAP Variant Management 跨站脚本漏洞
Vulnerability Description
SAP Variant Management是德国思爱普(SAP)公司的用于存储用户为智能筛选栏创建的设置和为智能表格创建的设置的平台。 SAP Variant Management存在跨站脚本漏洞,该漏洞源于存在存储型跨站脚本(XSS)漏洞。受影响的产品和版本:SAP UI5 Variant Management SAP_UI 750版本,754版本,755版本,756版本,757版本, UI_700 200版本。
CVSS Information
N/A
Vulnerability Type
N/A