High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-13	CVE-2023-33991	Cross-site Scripting vulnerability in SAP UI SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. network low complexity sap CWE-79	8.2
2018-06-12	CVE-2018-2424	Improper Input Validation vulnerability in SAP products SAP UI5 did not validate user input before adding it to the DOM structure. network low complexity sap CWE-20	7.5