SAP Commerce Backoffice Unsecured User-Controlled Inputs Lead to Cross-Site Scripting (XSS) Vulnerability
CVE-2024-41735
5.4MEDIUM
What is CVE-2024-41735?
SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application.
Affected Version(s)
SAP Commerce Backoffice HY_COM 2205