CVE-2018-2486

Summary

SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Affected Software

VendorProductVersion RangeStatus
SAPSAP Marketing (UICUAN)= 1.20affected
SAPSAP Marketing (UICUAN)= 1.30affected
SAPSAP Marketing (UICUAN)= 1.40affected
SAPSAP Marketing (SAPSCORE)= 1.13affected
SAPSAP Marketing (SAPSCORE)= 1.14affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References