Vulnerabilities > SAP > Manufacturing Execution

DATE CVE VULNERABILITY TITLE RISK
2022-10-11 CVE-2022-39802 Path Traversal vulnerability in SAP Manufacturing Execution 15.1/15.2/15.3
SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter.
network
low complexity
sap CWE-22
7.5
2021-06-09 CVE-2021-27615 Cross-site Scripting vulnerability in SAP Manufacturing Execution
SAP Manufacturing Execution versions - 15.1, 1.5.2, 15.3, 15.4, does not contain some HTTP security headers in their HTTP response.
network
sap CWE-79
3.5
2021-04-13 CVE-2021-27600 Cross-site Scripting vulnerability in SAP Manufacturing Execution
SAP Manufacturing Execution (System Rules), versions - 15.1, 15.2, 15.3, 15.4, allows an authorized attacker to embed malicious code into HTTP parameter and send it to the server because SAP Manufacturing Execution (System Rules) tab does not sufficiently encode some parameters, resulting in Stored Cross-Site Scripting (XSS) vulnerability.
network
sap CWE-79
3.5