CVE-2024-45278

Name of the Vulnerable Software and Affected Versions SAP Commerce Backoffice (affected versions not specified)

Description The issue is related to the lack of proper encoding of user-controlled inputs in the SAP Commerce Backoffice web application, leading to a Cross-Site Scripting (XSS) vulnerability. This vulnerability can be exploited by a remote attacker to conduct inter-site scripting attacks, potentially causing limited impact on the confidentiality and integrity of the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.