VYPR

Enterprise Portal

by SAP

CVEs (6)

  • CVE-2017-10701MedSep 29, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516.

  • CVE-2023-26461Mar 14, 2023
    risk 0.00cvss epss 0.01

    SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an authenticated attacker with sufficient privileges to access the XML parser which can submit a crafted XML file which when parsed will enable them to access but not modify sensitive files and data. It allows…

  • CVE-2022-35224Jul 12, 2022
    risk 0.00cvss epss 0.01

    SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of…

  • CVE-2021-33687Jul 14, 2021
    risk 0.00cvss epss 0.02

    SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one of their HTTP requests, an attacker can use this in conjunction with other attacks such as XSS to steal this information.

  • CVE-2013-7367Apr 10, 2014
    risk 0.00cvss epss 0.02

    SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors.

  • CVE-2013-7365Apr 10, 2014
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in SAP Enterprise Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.