CVE-2020-6254
CVE-2020-6254
SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
SAP SE · SAP Enterprise Threat DetectionWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →