CVE-2019-0388: SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to…

medium5.3CVSS 3.1

AVNACLPRNUINSUCNILAN

SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to insufficient URL validation.

Affected

12 ranges

Vendor	Product	Version range	Fixed in
sap	ui	—	—
sap	ui	—	—
sap	ui	—	—
sap	ui	—	—
sap	ui	—	—
sap	ui	—	—
sap_se	sap_ui	< 7.5	7.5
sap_se	sap_ui	< 7.51	7.51
sap_se	sap_ui	< 7.52	7.52
sap_se	sap_ui	< 7.53	7.53
sap_se	sap_ui	< 7.54	7.54
sap_se	sap_ui_700	< 2.0	2.0