Unrated severityNVD Advisory· Published May 12, 2020· Updated Aug 4, 2024
CVE-2020-6254
CVE-2020-6254
Description
SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting.
Affected products
2- Range: =1.0,2.0
- SAP SE/SAP Enterprise Threat Detectionv5Range: < 1.0
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.