Lucene search
SapCVELIST:CVE-2018-2364HistoryFeb 14, 2018 - 12:00 p.m.
CVE-2018-2364
2018-02-1412:00:00
sap
www.cve.org
3
EPSS
0.001
Percentile
45.6%
SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site Scripting (XSS) vulnerability.
CNA Affected
[
{
"product": "SAP CRM WebClient UI",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.01"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.46"
},
{
"status": "affected",
"version": "7.47"
},
{
"status": "affected",
"version": "7.48"
},
{
"status": "affected",
"version": "8.00"
},
{
"status": "affected",
"version": "8.01"
}
]
},
{
"product": "S4FND",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "1.02"
}
]
}
]Related
nvd
nvd
CVE-2018-2364
2018-02-14 12:29:00
prion
prion
Cross site scripting
2018-02-14 12:29:00
cve
cve
CVE-2018-2364
2018-02-14 12:29:00