CVE-2017-10701
MEDIUMSAP Enterprise Portal < 7.50 - Cross-Site Scripting
Title source: llmDescription
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100786
Third Party Advisory x_refsource_misc
https://cxsecurity.com/issue/WLB-2017090219
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100788
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100805
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101068
Scores
CVSS v3
6.1
EPSS
0.0051
EPSS Percentile
66.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
sap/enterprise_portal
< 7.50
Published
Sep 29, 2017
Tracked Since
Feb 18, 2026