CVE-2022-35224
- EPSS 0.56%
- Veröffentlicht 12.07.2022 21:15:10
- Zuletzt bearbeitet 21.11.2024 07:10:55
SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This attack can be used to non-permanently deface or modify portal ...
CVE-2017-10701
- EPSS 0.51%
- Veröffentlicht 29.09.2017 01:34:48
- Zuletzt bearbeitet 20.04.2025 01:37:25
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516.
CVE-2013-7365
- EPSS 0.48%
- Veröffentlicht 10.04.2014 20:55:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2013-7367
- EPSS 0.68%
- Veröffentlicht 10.04.2014 20:55:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors.