NotCVE - vendor:"Sap" product:"Sapscore"

Page 2 of 8 results (0.002 seconds)

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-0245

https://notcve.org/view.php?id=CVE-2019-0245

SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. SAP CRM WebClient UI (solucionado en SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) no valida suficientemente los campos ocultos controlados por el usuario, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS). • http://www.securityfocus.com/bid/106468 https://launchpad.support.sap.com/#/notes/2588763 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-2486

https://notcve.org/view.php?id=CVE-2018-2486

SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) no cifra lo suficiente las entradas controladas por el usuario, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS). • http://www.securityfocus.com/bid/106171 https://launchpad.support.sap.com/#/notes/2705204 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2018-2419

https://notcve.org/view.php?id=CVE-2018-2419

SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) no realiza las comprobaciones necesarias de autorización para un usuario autenticado, lo que resulta en un escalado de privilegios. • http://www.securityfocus.com/bid/104116 https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018 https://launchpad.support.sap.com/#/notes/2596627 • CWE-862: Missing Authorization •

1 2