Cross-Site Scripting (XSS) Vulnerability in SAP Commerce Storefronts
CVE-2018-2505 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability in storefronts that are based on the product. Fixed in versions (SAP Hybris Commerce, versions 6.2, 6.3, 6.4, 6.5, 6.6, 6.7).
Learn more about our User Device Pen Test.