CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-49577

The SAP HCM (SMART PAYE solution) - versions S4HCMCIE 100, SAP_HRCIE 600, SAP_HRCIE 604, SAP_HRCIE 608, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.8%

CVSS Severity

CVSS v3 Score 6.1

References

https://me.sap.com/notes/3217087
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
https://me.sap.com/notes/3217087
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Products affected by CVE-2023-49577

Sap » Human Capital Management » Version: s4hcmcie_100

cpe:2.3:a:sap:human_capital_management:s4hcmcie_100
Sap » Human Capital Management » Version: sap_hrcie_600

cpe:2.3:a:sap:human_capital_management:sap_hrcie_600
Sap » Human Capital Management » Version: sap_hrcie_604

cpe:2.3:a:sap:human_capital_management:sap_hrcie_604
Sap » Human Capital Management » Version: sap_hrcie_608

cpe:2.3:a:sap:human_capital_management:sap_hrcie_608

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-49577

Products

Pricing

Contact Us