Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

SAP Business Client Security Vulnerabilities

cve
cve

CVE-2024-22128

SAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject...

4.7CVSS

6.4AI Score

0.0004EPSS

2024-02-13 02:15 AM
16
cve
cve

CVE-2023-39437

SAP business One allows - version 10.0, allows an attacker to insert malicious code into the content of a web page or application and gets it delivered to the client, resulting to Cross-site scripting. This could lead to harmful action affecting the Confidentiality, Integrity and Availability of...

5.4CVSS

5.7AI Score

0.0004EPSS

2023-08-08 01:15 AM
17
cve
cve

CVE-2022-31593

SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the...

8.8CVSS

8.7AI Score

0.001EPSS

2022-07-12 09:15 PM
67
5
cve
cve

CVE-2022-27667

Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an attacker to access information which would otherwise be restricted, leading to Information...

7.5CVSS

7.3AI Score

0.002EPSS

2022-04-12 05:15 PM
59