1 results (0.002 seconds)
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-24525
https://notcve.org/view.php?id=CVE-2023-24525
14 Feb 2023 — SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application. SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authent... • https://launchpad.support.sap.com/#/notes/2788178 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •