Vulnerabilities > SAP > Enterprise Threat Detection > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-14 | CVE-2022-22529 | Cross-site Scripting vulnerability in SAP Enterprise Threat Detection 2.0 SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. | 6.1 |
| 2020-05-12 | CVE-2020-6254 | Cross-site Scripting vulnerability in SAP Enterprise Threat Detection 1.0/2.0 SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting. | 6.1 |