PT-2018-3537 · Sap · Sap Hybris Commerce

Publicado

2018-12-11

·

Atualizado

2019-01-07

·

CVE-2018-2505

CVSS v2.0

6.4

Média

VetorAV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: SAP Hybris Commerce versions 6.2 through 6.7
Description: The issue is related to insufficient validation of user-controlled inputs, leading to a Cross-Site Scripting (XSS) issue. This could allow a remote attacker to perform cross-site scripting attacks.
Recommendations: For versions 6.2 through 6.7, update to a fixed version to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

BDU:2020-03311
CVE-2018-2505

Produtos afetados

Sap Hybris Commerce