CVE-2020-6210

SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting (XSS) vulnerability.
Configurations

Configuration 1

cpe:2.3:a:sap:fiori_launchpad:754:*:*:*:*:*:*:*
cpe:2.3:a:sap:fiori_launchpad:753:*:*:*:*:*:*:*

Information

Published : 2020-03-10 09:15

Updated : 2020-03-11 07:48


NVD link : CVE-2020-6210

Mitre link : CVE-2020-6210

Products Affected
No products.
CWE