1 results (0.002 seconds)
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33682
https://notcve.org/view.php?id=CVE-2021-33682
14 Jul 2021 — SAP Lumira Server version 2.4 does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This would allow an attacker with basic level privileges to store a malicious script on SAP Lumira Server. The execution of the script content, by a victim registered on SAP Lumira Server, could compromise the confidentiality and integrity of SAP Lumira content. SAP Lumira Server versión 2.4, no codifica suficientemente las entradas controladas por el usuario, resultando ... • https://launchpad.support.sap.com/#/notes/3053403 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •