Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26101 | 1 Sap | 1 Fiori Launchpad | 2022-12-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Fiori launchpad - versions 754, 755, 756, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | |||||
| CVE-2020-6283 | 1 Sap | 1 Fiori Launchpad | 2020-09-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting (XSS) vulnerability. With a successful attack, the attacker can steal authentication information of the user, such as data relating to his or her current session. | |||||
| CVE-2020-6210 | 1 Sap | 1 Fiori Launchpad | 2020-03-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting (XSS) vulnerability. | |||||