Vulnerabilities > SAP > Financial Consolidation > 1010
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-08 | CVE-2022-41208 | Cross-site Scripting vulnerability in SAP Financial Consolidation 1010 Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. | 5.4 |
2022-11-08 | CVE-2022-41258 | Cross-site Scripting vulnerability in SAP Financial Consolidation 1010 Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. | 6.5 |
2022-11-08 | CVE-2022-41260 | Cross-site Scripting vulnerability in SAP Financial Consolidation 1010 SAP Financial Consolidation - version 1010, does not sufficiently encode user-controlled input which may allow an unauthenticated attacker to inject a web script via a GET request. | 6.1 |