CVE-2019-0298
SAP E-Commerce (Business-to-Consumer) application does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Fixed in the following components SAP-CRMJAV SAP-CRMWEB SAP-SHRWEB SAP-SHRJAV SAP-CRMAPP SAP-SHRAPP, versions 7.30, 7.31, 7.32, 7.33, 7.54.
| Software | From | Fixed in |
|---|---|---|
| sap / e-commerce | 7.31 | 7.31.x |
| sap / e-commerce | 7.32 | 7.32.x |
| sap / e-commerce | 7.33 | 7.33.x |
| sap / e-commerce | 7.54 | 7.54.x |
| sap / e-commerce | 7.30 | 7.30.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime