漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cross-Site Scripting (XSS) vulnerability in SAP Data Services (DQ Report)
Vulnerability Description
Due to a Cross-Site Scripting vulnerability in SAP Data Services Management Console, an authenticated attacker could exploit the search functionality associated with DQ job status reports. By intercepting requests, malicious script can be injected and subsequently executed when a user loads the affected page. This results in a limited impact on the confidentiality and integrity of user session information, while availability remains unaffected.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
SAP Data Services Management Console 跨站脚本漏洞
Vulnerability Description
SAP Data Services Management Console是德国思爱普(SAP)公司的一个SAP Data Services的集中管理界面。 SAP Data Services Management Console存在跨站脚本漏洞,该漏洞源于跨站脚本,可能影响用户会话信息。
CVSS Information
N/A
Vulnerability Type
N/A