CVE-2024-37174
published 2024-07-09CVE-2024-37174: Custom CSS support option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting vulnerability. On…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Custom CSS support option in SAP CRM WebClient
UI does not sufficiently encode user-controlled inputs resulting in Cross-Site
Scripting vulnerability. On successful exploitation an attacker can cause
limited impact on confidentiality and integrity of the application.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_s4fnd | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap | customer_relationship_management_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |
| sap_se | sap_crm_webclient_ui | — | — |