Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-0298

SAP E-Commerce (Business-to-Consumer) application does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Fixed in the following components SAP-CRMJAV SAP-CRMWEB SAP-SHRWEB SAP-SHRJAV SAP-CRMAPP SAP-SHRAPP, versions 7.30, 7.31, 7.32, 7.33, 7.54.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
Products affected by CVE-2019-0298
  • Sap » E-Commerce » Version: 7.30
    cpe:2.3:a:sap:e-commerce:7.30
  • Sap » E-Commerce » Version: 7.31
    cpe:2.3:a:sap:e-commerce:7.31
  • Sap » E-Commerce » Version: 7.32
    cpe:2.3:a:sap:e-commerce:7.32
  • Sap » E-Commerce » Version: 7.33
    cpe:2.3:a:sap:e-commerce:7.33
  • Sap » E-Commerce » Version: 7.54
    cpe:2.3:a:sap:e-commerce:7.54


Products
Pricing
Contact Us

Shodan ® - All rights reserved