CVE-2019-0369
08.10.2019, 20:15
SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.
| Vendor | Product | Version |
|---|---|---|
| sap | financial_consolidation | 10.0 |
| sap | financial_consolidation | 10.1 |
𝑥
= Vulnerable software versions