ID |
CVE-2024-37178
|
Sažetak |
SAP Financial Consolidation does not
sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting
(XSS) vulnerability. These endpoints are exposed over the network. The
vulnerability can exploit resources beyond the vulnerable component. On
successful exploitation, an attacker can cause limited impact to
confidentiality of the application. |
Reference |
|
CVSS |
Base: | 5.0 |
Impact: | 1.4 |
Exploitability: | 3.1 |
|
Pristup |
Vektor | Složenost | Autentikacija |
NETWORK |
LOW |
LOW |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
LOW |
NONE |
NONE |
|
CVSS vektor |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N |
Zadnje važnije ažuriranje |
11-06-2024 - 02:15 |
Objavljeno |
11-06-2024 - 02:15 |