1 results (0.009 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-6254
https://notcve.org/view.php?id=CVE-2020-6254
12 May 2020 — SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting. SAP Enterprise Threat Detection, versiones 1.0, 2.0, no codifica suficientemente las páginas de respuesta error en caso de errores, permitiendo a una carga útil XSS reflejarse en la respuesta, conllevando a un ataque de tipo Cross Site Scripting reflejado. • https://launchpad.support.sap.com/#/notes/2913293 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •