CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0311

Automotive Dealer Portal in SAP R/3 Enterprise Application (versions: 600, 602, 603, 604, 605, 606, 616, 617) does not sufficiently encode user-controlled inputs, this makes it possible for an attacker to send unwanted scripts to the browser of the victim using unwanted input and execute malicious code there, resulting in Cross-Site Scripting (XSS) vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2019-0311

Sap » R/3 Enterprise » Version: 600

cpe:2.3:a:sap:r/3_enterprise:600
Sap » R/3 Enterprise » Version: 602

cpe:2.3:a:sap:r/3_enterprise:602
Sap » R/3 Enterprise » Version: 603

cpe:2.3:a:sap:r/3_enterprise:603
Sap » R/3 Enterprise » Version: 604

cpe:2.3:a:sap:r/3_enterprise:604
Sap » R/3 Enterprise » Version: 605

cpe:2.3:a:sap:r/3_enterprise:605
Sap » R/3 Enterprise » Version: 606

cpe:2.3:a:sap:r/3_enterprise:606
Sap » R/3 Enterprise » Version: 616

cpe:2.3:a:sap:r/3_enterprise:616
Sap » R/3 Enterprise » Version: 617

cpe:2.3:a:sap:r/3_enterprise:617

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0311

Products

Pricing

Contact Us