CVE-2018-2364
published 2018-02-14CVE-2018-2364: SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site Scripting (XSS) vulnerability.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | s4fnd | — | — |
| sap_se | s4fnd | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |