1 results (0.007 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-2371
https://notcve.org/view.php?id=CVE-2018-2371
The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability. El proveedor de servicios SAML 2.0 de SAP Netweaver AS Java Web Application 7.50 no codifica lo suficiente las entradas controladas por el usuario, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS). • http://www.securityfocus.com/bid/103005 https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018 https://launchpad.support.sap.com/#/notes/2560741 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •