Cross-Site Scripting Vulnerability in SAP Supplier Relationship Management
CVE-2019-0361
6.1MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 10 September 2019
What is CVE-2019-0361?
SAP Supplier Relationship Management’s Master Data Management Catalog has a Cross-Site Scripting vulnerability due to insufficient encoding of user-controlled inputs, potentially allowing attackers to inject malicious scripts into web pages viewed by other users, compromising user data and application integrity.
Affected Version(s)
SAP Supplier Relationship Management (Master Data Management Catalog) (SRM_MDM_CAT) < 3.73 < 3.73
SAP Supplier Relationship Management (Master Data Management Catalog) (SRM_MDM_CAT) < 7.31 < 7.31
SAP Supplier Relationship Management (Master Data Management Catalog) (SRM_MDM_CAT) < 7.32 < 7.32