Cross Site Scripting Vulnerability in SAP Enterprise Threat Detection
CVE-2020-6254
6.1MEDIUM
What is CVE-2020-6254?
SAP Enterprise Threat Detection versions 1.0 and 2.0 lack proper encoding for error response pages. This deficiency allows an attacker to inject malicious XSS payloads that may be reflected back to users, potentially compromising their web browser's security and enabling unauthorized actions.
Affected Version(s)
SAP Enterprise Threat Detection < 1.0 < 1.0
SAP Enterprise Threat Detection < 2.0 < 2.0