CVE-2019-0281
- Source
- https://cve.org/CVERecord?id=CVE-2019-0281
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0281.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-0281
- Published
- 2019-07-10T19:15:10.080Z
- Modified
- 2026-02-13T01:39:12.860106Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
SAPUI5 and OpenUI5, before versions 1.38.39, 1.44.39, 1.52.25, 1.60.6 and 1.63.0, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
- References
Affected packages
Git / github.com/sap/openui5
Affected ranges
- Type
- GIT
- Repo
- https://github.com/sap/openui5
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixedIntroducedFixed
Affected versions
1.*
1.40-codesplit
1.40.0
1.42-codesplit
1.42.0
1.44-codesplit
1.44.0
1.44.1
1.44.10
1.44.11
1.44.12
1.44.13
1.44.14
1.44.15
1.44.16
1.44.17
1.44.18
1.44.19
1.44.2
1.44.20
1.44.21
1.44.22
1.44.23
1.44.24
1.44.25
1.44.26
1.44.27
1.44.28
1.44.29
1.44.3
1.44.30
1.44.31
1.44.32
1.44.33
1.44.34
1.44.35
1.44.36
1.44.37
1.44.38
1.44.4
1.44.5
1.44.6
1.44.7
1.44.8
1.44.9
1.50-codesplit
1.50.0
1.52-codesplit
1.52.0
1.52.10
1.52.11
1.52.12
1.52.13
1.52.14
1.52.15
1.52.16
1.52.17
1.52.18
1.52.19
1.52.20
1.52.21
1.52.22
1.52.23
1.52.24
1.52.6
1.52.7
1.52.8
1.52.9
1.60-codesplit
1.60.0
xmake/stage-1.*
xmake/stage-1.44.19-1
xmake/stage-1.44.3-1
xmake/stage-1.52.22-1