PT-2019-11209 · Sap · Sap Crm Webclient Ui

Publicado

2019-01-08

Atualizado

2019-01-17

CVE-2019-0245

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions prior to 7.31, 7.46, 7.47, 7.48, 8.0, 8.01

Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting (XSS) issue.

Recommendations: For SAP CRM WebClient UI versions prior to 7.31, update to version 7.31 or later. For SAP CRM WebClient UI versions 7.31, 7.46, 7.47, 7.48, update to version 8.0 or later, or apply the fix included in SAPSCORE 1.12, S4FND 1.02, or WEBCUIF 8.01.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2019-0245

Produtos afetados

Sap Crm Webclient Ui

PT-2019-11209 · Sap · Sap Crm Webclient Ui

CVE-2019-0245

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5