cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-33991,https://securityvulnerability.io/vulnerability/CVE-2023-33991,Stored Cross-Site Scripting (Stored XSS) vulnerability in SAP UI5 Variant Management,"The SAP UI5 Variant Management has a Stored Cross-Site Scripting vulnerability due to inadequate encoding of user-controlled inputs when fetching data from the server. This issue affects several versions, granting attackers with user-level access the potential to exploit this vulnerability. Successful exploitation can significantly compromise confidentiality, alter information, and may lead to service disruptions for users.",SAP,SAP UI5 Variant Management,8.2,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2023-06-13T03:15:00.000Z,0
CVE-2021-21476,https://securityvulnerability.io/vulnerability/CVE-2021-21476,,"SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.",SAP,SAP Ui5,4.7,MEDIUM,0.0007099999929778278,false,false,false,false,,false,false,2021-02-09T20:44:32.000Z,0
CVE-2018-2424,https://securityvulnerability.io/vulnerability/CVE-2018-2424,,"SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00",SAP,"SAP Hana Database,SAP Ui5,SAP Ui5(java),SAP Ui,SAP Ui For SAP Netweaver 7.00",9.8,CRITICAL,0.0021699999924749136,false,false,false,false,,false,false,2018-06-12T15:00:00.000Z,0