Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-35224 | 1 Sap | 1 Enterprise Portal | 2023-01-30 | 4.3 MEDIUM | 6.1 MEDIUM |
SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a victim registered on the portal could compromise the confidentiality and integrity of victim?s web browser session. | |||||
CVE-2017-10701 | 1 Sap | 1 Enterprise Portal | 2017-10-06 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516. | |||||
CVE-2013-7365 | 1 Sap | 1 Enterprise Portal | 2016-12-30 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
CVE-2013-7367 | 1 Sap | 1 Enterprise Portal | 2014-04-11 | 7.5 HIGH | N/A |
SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors. |