VYPR
Unrated severityNVD Advisory· Published Jan 8, 2019· Updated Aug 4, 2024

CVE-2019-0238

CVE-2019-0238

Description

SAP Commerce (previously known as SAP Hybris Commerce), before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Affected products

2
  • Range: <6.7
  • SAP SE/SAP Commerce (ex. SAP Hybris Commerce)v5
    Range: < 6.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.