CVE-2022-28770

Name of the Vulnerable Software and Affected Versions SAPUI5 library(vbm) versions 75 through 755

Description The issue is caused by insufficient input validation, allowing an unauthenticated attacker to inject a script into the URL and execute code. This can lead to a limited impact on the confidentiality and integrity of the application, as an attacker can view or modify information.

Recommendations For SAPUI5 library(vbm) versions 75 through 755, update to a version that includes input validation to prevent script injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.