VYPR
Unrated severityNVD Advisory· Published Aug 9, 2021· Updated Aug 5, 2024

CVE-2018-17865

CVE-2018-17865

Description

A cross-site scripting (XSS) vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.