PT-2019-11208 · Sap · Sap Crm Webclient Ui

Publicado

2019-01-08

·

Atualizado

2019-01-17

·

CVE-2019-0244

CVSS v3.1

5.4

Média

VetorAV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions prior to 7.31, 7.46, 7.47, 7.48, 8.0, 8.01 SAP CRM WebClient UI versions prior to SAPSCORE 1.12 SAP CRM WebClient UI versions prior to S4FND 1.02 SAP CRM WebClient UI versions prior to WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01
Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting (XSS) issue.
Recommendations: For SAP CRM WebClient UI versions prior to SAPSCORE 1.12, update to SAPSCORE 1.12 or later. For SAP CRM WebClient UI versions prior to S4FND 1.02, update to S4FND 1.02 or later. For SAP CRM WebClient UI versions prior to WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01, update to WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2019-0244

Produtos afetados

Sap Crm Webclient Ui