Vulnerabilities > SAP > UI
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-13 | CVE-2023-33991 | Cross-site Scripting vulnerability in SAP UI SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. | 8.2 |
| 2019-11-13 | CVE-2019-0388 | Authentication Bypass by Spoofing vulnerability in SAP UI SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to insufficient URL validation. | 5.3 |
| 2018-06-12 | CVE-2018-2428 | Unspecified vulnerability in SAP Infrastructure and UI Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. | 5.3 |
| 2018-06-12 | CVE-2018-2424 | Improper Input Validation vulnerability in SAP products SAP UI5 did not validate user input before adding it to the DOM structure. | 7.5 |