← Back

Enterprise Threat Detection

enterprise_threat_detection

Vendor: Sap • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-22529
1Sap
1Enterprise Threat Detection
Feb 24, 2026
Jan 14, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 sta...Show more
SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its standard controls. This output encoding prevents stored malicious user input from being executed when it is reflected in the UI.Show less
CVE-2020-6254
1Sap
1Enterprise Threat Detection
Nov 21, 2024
May 12, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting.