CVE-2020-6305 is a vulnerability in SAP Process Integration
Published on January 14, 2020

PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

NVD

Products Associated with CVE-2020-6305

Want to know whenever a new CVE is published for SAP Process Integration? stack.watch will email you.

SAP Process Integration

Affected Versions

SAP SE SAP Process Integration - Rest Adapter (SAP_XIAF):

Version < 7.31 is affected.
Version < 7.40 is affected.
Version < 7.50 is affected.

Exploit Probability

EPSS

0.28%

Percentile

50.95%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-6305 is a vulnerability in SAP Process IntegrationPublished on January 14, 2020

Products Associated with CVE-2020-6305

Affected Versions

Exploit Probability

CVE-2020-6305 is a vulnerability in SAP Process Integration
Published on January 14, 2020