Sap · Sap J2Ee Engine · CVE-2018-17862
**Name of the Vulnerable Software and Affected Versions**
SAP J2EE Engine/7.01/Fiori (affected versions not specified)
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script via the `sys jdbc` parameter to "/TestJDBC Web/test2". This issue only affects products that are no longer supported by the maintainer.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.