Vulnerabilities > SAP > Sapscore > 1.12
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-08 | CVE-2019-0245 | Cross-site Scripting vulnerability in SAP products SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 5.4 |
2019-01-08 | CVE-2019-0244 | Cross-site Scripting vulnerability in SAP products SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 5.4 |
2018-05-09 | CVE-2018-2419 | Missing Authorization vulnerability in SAP Ea-Finserv, S4Core and Sapscore SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 4.6 |