cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-45278,https://securityvulnerability.io/vulnerability/CVE-2024-45278,SAP Commerce Backoffice vulnerable to XSS,"SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.",SAP,SAP Commerce Backoffice,5.4,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-10-08T03:21:25.904Z,0
CVE-2024-41735,https://securityvulnerability.io/vulnerability/CVE-2024-41735,SAP Commerce Backoffice Unsecured User-Controlled Inputs Lead to Cross-Site Scripting (XSS) Vulnerability,"SAP Commerce Backoffice does not sufficiently
encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)
vulnerability causing low impact on confidentiality and integrity of the
application.",SAP,SAP Commerce Backoffice,5.4,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-08-13T03:49:48.215Z,0
CVE-2021-27619,https://securityvulnerability.io/vulnerability/CVE-2021-27619,,"SAP Commerce (Backoffice Search), versions - 1808, 1811, 1905, 2005, 2011, allows a low privileged user to search for attributes which are not supposed to be displayed to them. Although the search results are masked, the user can iteratively enter one character at a time to search and determine the masked attribute value thereby leading to information disclosure.",SAP,SAP Commerce (backoffice Search),6.5,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2021-05-11T14:19:33.000Z,0