SAP Hybris
By the Year
In 2024 there have been 0 vulnerabilities in SAP Hybris . Hybris did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 6.10 |
| 2018 | 2 | 7.35 |
It may take a day or so for new Hybris vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP Hybris Security Vulnerabilities
SAP Commerce (previously known as SAP Hybris Commerce)
CVE-2019-0238
6.1 - Medium
- January 08, 2019
SAP Commerce (previously known as SAP Hybris Commerce), before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
XSS
SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability in storefronts
CVE-2018-2505
6.1 - Medium
- December 11, 2018
SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability in storefronts that are based on the product. Fixed in versions (SAP Hybris Commerce, versions 6.2, 6.3, 6.4, 6.5, 6.6, 6.7).
XSS
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6
CVE-2018-2463
8.6 - High
- September 11, 2018
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.
XSPA
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for SAP Hybris or by SAP? Click the Watch button to subscribe.
