CVE-2018-2410
published 2018-04-10CVE-2018-2410: SAP Business One, 9.2, 9.3, browser access does not sufficiently encode user controlled inputs, which results in a Cross-Site Scripting (XSS) vulnerability.
medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
SAP Business One, 9.2, 9.3, browser access does not sufficiently encode user controlled inputs, which results in a Cross-Site Scripting (XSS) vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | business_one | — | — |
| sap | business_one | — | — |
| sap_se | sap_business_one | — | — |
| sap_se | sap_business_one | — | — |