Vulnerabilities > SAP > Commerce Webservices 2 0 > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-13 | CVE-2022-41266 | Cross-site Scripting vulnerability in SAP Commerce Webservices 2.0 Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. | 6.1 |