Unrated severityNVD Advisory· Published Apr 14, 2020· Updated Aug 4, 2024
CVE-2020-6238
CVE-2020-6238
Description
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability (partially) of SAP Commerce.
Affected products
2- Range: 6.6, 6.7, 1808, 1811, 1905
- SAP SE/SAP Commercev5Range: < 6.6
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.