Cross-Site Scripting Vulnerability in SAP Process Monitoring Infrastructure
CVE-2018-2399
6.1MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 March 2018
What is CVE-2018-2399?
A Cross-Site Scripting vulnerability exists in SAP Process Monitoring Infrastructure versions 7.10 through 7.11 and 7.20 through 7.50. This issue arises due to inadequate encoding of user-controlled inputs, allowing attackers to inject malicious scripts. If exploited, this vulnerability can enable unauthorized access and manipulation of sensitive information, posing significant risks to the integrity of user interactions and data confidentiality.
Affected Version(s)
SAP Process Monitoring Infrastructure from 7.10 to 7.11
SAP Process Monitoring Infrastructure 7.20
SAP Process Monitoring Infrastructure 7.30