CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-9569

Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver Business Client (NWBC) for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) roundtrips parameter, aka SAP Security Note 2051285.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.6%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/62017
http://www.securitytracker.com/id/1031509
http://www.senseofsecurity.com.au/advisories/SOS-14-005
http://secunia.com/advisories/62017
http://www.securitytracker.com/id/1031509
http://www.senseofsecurity.com.au/advisories/SOS-14-005

Products affected by CVE-2014-9569

Sap » Netweaver Business Client For Html » Version: 3.0

cpe:2.3:a:sap:netweaver_business_client_for_html:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9569

Products

Pricing

Contact Us