Unrated severityNVD Advisory· Published Jan 8, 2019· Updated Aug 4, 2024
CVE-2019-0238
CVE-2019-0238
Description
SAP Commerce (previously known as SAP Hybris Commerce), before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Affected products
2- Range: <6.7
- SAP SE/SAP Commerce (ex. SAP Hybris Commerce)v5Range: < 6.7
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/106462mitrevdb-entryx_refsource_BID
- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.