CVEs-PoC/2020/CVE-2020-6201.md at 8babdbc0f86ff50487ee8a64da39b2f433a34aa1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-24 15:54:10 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The SAP Commerce (Testweb Extension), versions- 6.6, 6.7, 1808, 1811, 1905, does not sufficiently encode user-controlled inputs, due to which certain GET URL parameters are reflected in the HTTP responses without escaping/sanitization, leading to Reflected Cross Site Scripting.

POC

Reference

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305

Github

No PoCs found on GitHub currently.

1.2 KiB Raw Blame History

CVE-2020-6201

Description

POC

Reference

Github

1.2 KiB

Raw Blame History