CVE-2018-2463
11.09.2018, 15:29
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.
| Vendor | Product | Version |
|---|---|---|
| sap | hybris | 6.0 ≤ 𝑥 ≤ 6.7 |
𝑥
= Vulnerable software versions
References