Insufficient Encoding of User Inputs in SAP Business Warehouse Universal Data Integration: Cross-Site Scripting (XSS) Vulnerability

Insufficient Encoding of User Inputs in SAP Business Warehouse Universal Data Integration: Cross-Site Scripting (XSS) Vulnerability

CVE-2017-16685 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-Site scripting (XSS) in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs.

Learn more about our User Device Pen Test.