Vulnerabilities > SAP > Commerce Backoffice > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-41735 | Cross-site Scripting vulnerability in SAP Commerce Backoffice Hycom2205 SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application. | 5.4 |