Security Advisory

CVE-2020-6238

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-14 18:39:02

Last updated 2024-08-04 08:55:22

Assigner sap

State PUBLISHED

Description

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability (partially) of SAP Commerce.

← Browse all CVEs View on cve.org ↗