Description
SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SAP SE | SAP Financial Consolidation | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2019-1142 | SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published:
Updated: 2024-08-04T17:51:26.111Z
Reserved: 2018-11-26T00:00:00.000Z
Link: CVE-2019-0369
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-10-08T20:15:11.030
Modified: 2024-11-21T04:16:45.200
Link: CVE-2019-0369
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses