| CVE编号 | CVE-2025-27434 |
|---|---|
| 发布日期 | 2025-03-11T00:39:01.831Z |
| 更新日期 | 2025-03-12T04:00:31.592Z |
| 状态 | PUBLISHED |
| 受影响的供应商 | SAP_SE |
| 受影响的产品 | SAP Commerce (Swagger UI) |
| 描述 | Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated attacker to inject the malicious code from remote sources, which can be leveraged by an attacker to execute a cross-site scripting (XSS) attack. This could lead to a high impact on the confidentiality, integrity, and availability of data in SAP Commerce. |
参考链接:
