cvelist/2019/0xxx/CVE-2019-0262.json

67 lines
1.4 KiB
JSON
Raw Normal View History

2019-02-15 12:04:22 -05:00
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0262",
"ASSIGNER": "cna@sap.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP WebIntelligence BILaunchPad (Enterprise)",
"version": {
"version_data": [
{
"version_name": "<",
"version_value": "4.10"
},
{
"version_name": "<",
"version_value": "4.20"
}
]
}
}
]
}
}
]
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang": "eng",
"value":"Cross-Site Scripting"
}
]
}
]
},
"references":{
"reference_data":[
{
"url":"https://launchpad.support.sap.com/#/notes/2696714"
},
{
"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability."
}
]
}
}