CVE-2019-0245 vulnerability in SAP Products
Published on January 8, 2019

SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

NVD

Products Associated with CVE-2019-0245

Want to know whenever a new CVE is published for SAP products? stack.watch will email you.

SAP Customer Relationship Management Webclient Ui

SAP S4fnd

Sapscore

Affected Versions

SAP SE SAP CRM WebClient UI (SAPSCORE):

Version < 1.12 is affected.

SAP SE SAP CRM WebClient UI (S4FND):

Version < 1.02 is affected.

SAP SE SAP CRM WebClient UI (WEBCUIF):

Version < 7.31 is affected.
Version < 7.46 is affected.
Version < 7.47 is affected.
Version < 7.48 is affected.
Version < 8.0 is affected.
Version < 8.01 is affected.

Exploit Probability

EPSS

0.30%

Percentile

52.89%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-0245 vulnerability in SAP ProductsPublished on January 8, 2019

Products Associated with CVE-2019-0245

Affected Versions

Exploit Probability

CVE-2019-0245 vulnerability in SAP Products
Published on January 8, 2019