VYPR

Marketing

by SAP

CVEs (3)

  • CVE-2020-6320HigSep 9, 2020
    risk 0.53cvss 8.1epss 0.01

    SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the vulnerability and perform tasks related to contact and interaction data which…

  • CVE-2018-2486MedDec 11, 2018
    risk 0.35cvss 5.4epss 0.01

    SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

  • CVE-2024-21734LowJan 9, 2024
    risk 0.24cvss 3.7epss 0.00

    SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a user to open malicious page which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application.