• Published Date: Fri 14 Jan 2022
  • Last Modified Date: Fri 21 Jan 2022

SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its standard controls. This output encoding prevents stored malicious user input from being executed when it is reflected in the UI.

References (Advisories, Solutions, and Tools):

Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD