SAP E Commerce
By the Year
In 2024 there have been 0 vulnerabilities in SAP E Commerce . E Commerce did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 2 | 6.45 |
2018 | 0 | 0.00 |
It may take a day or so for new E Commerce vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP E Commerce Security Vulnerabilities
An authenticated attacker in SAP E-Commerce (Business-to-Consumer application), versions 7.3, 7.31, 7.32, 7.33, 7.54, can change the price of the product to zero and also checkout, by injecting an HTML code in the application
CVE-2019-0308
6.8 - Medium
- June 12, 2019
An authenticated attacker in SAP E-Commerce (Business-to-Consumer application), versions 7.3, 7.31, 7.32, 7.33, 7.54, can change the price of the product to zero and also checkout, by injecting an HTML code in the application that will be executed whenever the victim logs in to the application even on a different machine, leading to Code Injection.
Code Injection
SAP E-Commerce (Business-to-Consumer) application does not sufficiently encode user-controlled inputs
CVE-2019-0298
6.1 - Medium
- May 14, 2019
SAP E-Commerce (Business-to-Consumer) application does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Fixed in the following components SAP-CRMJAV SAP-CRMWEB SAP-SHRWEB SAP-SHRJAV SAP-CRMAPP SAP-SHRAPP, versions 7.30, 7.31, 7.32, 7.33, 7.54.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for SAP E Commerce or by SAP? Click the Watch button to subscribe.