{"containers":{"cna":{"affected":[{"product":"SAP Enterprise Threat Detection","vendor":"SAP SE","versions":[{"status":"affected","version":"< 1.0"},{"status":"affected","version":"< 2.0"}]}],"descriptions":[{"lang":"en","value":"SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","version":"3.0"}}],"problemTypes":[{"descriptions":[{"description":"Cross Site Scripting","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-05-12T17:57:06.000Z","orgId":"e4686d1a-f260-4930-ac4c-2f5c992778dd","shortName":"sap"},"references":[{"tags":["x_refsource_MISC"],"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222"},{"tags":["x_refsource_MISC"],"url":"https://launchpad.support.sap.com/#/notes/2913293"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cna@sap.com","ID":"CVE-2020-6254","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"SAP Enterprise Threat Detection","version":{"version_data":[{"version_name":"<","version_value":"1.0"},{"version_name":"<","version_value":"2.0"}]}}]},"vendor_name":"SAP SE"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response pages in case of errors, allowing XSS payload reflecting in the response, leading to reflected Cross Site Scripting."}]},"impact":{"cvss":{"baseScore":"6.1","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Cross Site Scripting"}]}]},"references":{"reference_data":[{"name":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222","refsource":"MISC","url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222"},{"name":"https://launchpad.support.sap.com/#/notes/2913293","refsource":"MISC","url":"https://launchpad.support.sap.com/#/notes/2913293"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T08:55:22.174Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://launchpad.support.sap.com/#/notes/2913293"}]}]},"cveMetadata":{"assignerOrgId":"e4686d1a-f260-4930-ac4c-2f5c992778dd","assignerShortName":"sap","cveId":"CVE-2020-6254","datePublished":"2020-05-12T17:57:06.000Z","dateReserved":"2020-01-08T00:00:00.000Z","dateUpdated":"2024-08-04T08:55:22.174Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}