Vulnerabilities > SAP > Afaria > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-24 | CVE-2015-6663 | Cross-site Scripting vulnerability in SAP Afaria 7.0 Cross-site scripting (XSS) vulnerability in the Client form in the Device Inspector page in SAP Afaria 7 allows remote attackers to inject arbitrary web script or HTML via crafted client name data, aka SAP Security Note 2152669. | 4.3 |
| 2015-04-01 | CVE-2015-2820 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Afaria 7.0.6001.5 Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service (process termination) via a crafted request, aka SAP Security Note 2132584. | 5.0 |