Vulnerabilities > SAP > J2Ee Engine > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-09 | CVE-2018-17861 | Cross-site Scripting vulnerability in SAP J2Ee Engine 7.01 A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Portal/EPP allows remote attackers to inject arbitrary web script via the wsdlLib parameter to /ctcprotocol/Protocol. | 6.1 |
2021-08-09 | CVE-2018-17862 | Cross-site Scripting vulnerability in SAP J2Ee Engine 7.01 A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Fiori allows remote attackers to inject arbitrary web script via the sys_jdbc parameter to /TestJDBC_Web/test2. | 6.1 |
2021-08-09 | CVE-2018-17865 | Cross-site Scripting vulnerability in SAP J2Ee Engine 7.01 A cross-site scripting (XSS) vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. | 6.1 |