VYPR
Unrated severityNVD Advisory· Published Apr 14, 2020· Updated Aug 4, 2024

CVE-2020-6238

CVE-2020-6238

Description

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability (partially) of SAP Commerce.

Affected products

2
  • Range: 6.6, 6.7, 1808, 1811, 1905
  • SAP SE/SAP Commercev5
    Range: < 6.6

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.