Vulnerabilities > SAP > Hana > 1.00.73.00.389160
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-05-29 | CVE-2015-3994 | Improper Input Validation vulnerability in SAP Hana 1.00.73.00.389160 The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to spoof log entries via a crafted request, aka SAP Security Note 2109818. | 4.0 |
2015-02-27 | CVE-2015-2072 | Cross-site Scripting vulnerability in SAP Hana 1.00.73.00.389160/1.00.80.00.391861 Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 (1.00.73.00.389160) and HANA Developer Edition 80 (1.00.80.00.391861) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) ide/core/plugins/editor/templates/trace/hanaTraceDetailService.xsjs or (2) xs/ide/editor/templates/trace/hanaTraceDetailService.xsjs, aka SAP Note 2069676. | 4.3 |