VYPR
Unrated severityNVD Advisory· Published Oct 8, 2019· Updated Aug 4, 2024

CVE-2019-0368

CVE-2019-0368

Description

SAP Customer Relationship Management (Email Management), versions: S4CRM before 1.0 and 2.0, BBPCRM before 7.0, 7.01, 7.02, 7.12, 7.13 and 7.14, does not sufficiently encode user-controlled inputs within the mail client resulting in Cross-Site Scripting vulnerability.

Affected products

3
  • Range: S4CRM < 1.0, 2.0; BBPCRM < 7.0, 7.01, 7.02, 7.12, 7.13, 7.14
  • SAP SE/SAP Customer Relationship Management (Email Management - BBPCRM)v5
    Range: < 7.0
  • SAP SE/SAP Customer Relationship Management (Email Management - S4CRM)v5
    Range: < 1.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.