Description
Document Service handler (obsolete) in Data Provisioning Service does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability with low impact on Confidentiality and Integrity of the application.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-30747 | Document Service handler (obsolete) in Data Provisioning Service does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability with low impact on Confidentiality and Integrity of the application. |
References
History
No history.
Subscriptions
No data.
Status: PUBLISHED
Assigner: sap
Published:
Updated: 2024-08-02T02:27:53.478Z
Reserved: 2024-04-23T04:04:25.520Z
Link: CVE-2024-33002
Updated: 2024-08-02T02:27:53.478Z
Status : Deferred
Published: 2024-05-14T16:17:13.510
Modified: 2026-06-17T07:30:51.450
Link: CVE-2024-33002
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD