CVE-2021-21476
4.7MEDIUM
Summary
SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Affected Version(s)
SAP UI5 < 1.38.49 < 1.38.49
SAP UI5 < 1.52.49 < 1.52.49
SAP UI5 < 1.60.34 < 1.60.34
References
CVSS V3.1
Score:
4.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved