Vulnerabilities > SAP > UI5

DATE CVE VULNERABILITY TITLE RISK
2021-02-09 CVE-2021-21476 Open Redirect vulnerability in SAP UI5
SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
network
low complexity
sap CWE-601
6.1
2019-07-10 CVE-2019-0319 Injection vulnerability in SAP Gateway and UI5
The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message.
network
low complexity
sap CWE-74
7.5
2018-06-12 CVE-2018-2424 Improper Input Validation vulnerability in SAP products
SAP UI5 did not validate user input before adding it to the DOM structure.
network
low complexity
sap CWE-20
7.5