CVE-2021-21445 is a vulnerability in SAP Commerce Cloud
Published on January 12, 2021
SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an authenticated attacker to include invalidated data in the HTTP response Content Type header, due to improper input validation, and sent to a Web user. A successful exploitation of this vulnerability may lead to advanced attacks, including cross-site scripting and page hijacking.
Products Associated with CVE-2021-21445
Want to know whenever a new CVE is published for SAP Commerce Cloud? stack.watch will email you.
Affected Versions
SAP SE SAP Commerce Cloud:- Version < 1808 is affected.
- Version < 1811 is affected.
- Version < 1905 is affected.
- Version < 2005 is affected.
- Version < 2011 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.