CVE-2019-0281

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-0281
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0281.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-0281
Published
2019-07-10T19:15:10Z
Modified
2024-05-30T01:59:55.114034Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

SAPUI5 and OpenUI5, before versions 1.38.39, 1.44.39, 1.52.25, 1.60.6 and 1.63.0, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

References

Affected packages

Git / github.com/sap/openui5

Affected ranges

Type
GIT
Repo
https://github.com/sap/openui5
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

1.*

1.25-codesplit
1.25.0
1.26-codesplit
1.26.0
1.27.0
1.28-codesplit
1.28.0
1.29.0
1.30-codesplit
1.30.0
1.32-codesplit
1.32.0
1.34-codesplit
1.34.0
1.36-codesplit
1.36.0
1.38-codesplit
1.38.0
1.38.1
1.38.10
1.38.11
1.38.12
1.38.13
1.38.14
1.38.15
1.38.16
1.38.17
1.38.18
1.38.19
1.38.2
1.38.20
1.38.21
1.38.22
1.38.23
1.38.24
1.38.25
1.38.26
1.38.27
1.38.28
1.38.29
1.38.3
1.38.30
1.38.31
1.38.32
1.38.33
1.38.34
1.38.35
1.38.36
1.38.37
1.38.38
1.38.4
1.38.5
1.38.6
1.38.7
1.38.8
1.38.9

xmake/stage-1.*

xmake/stage-1.38.12-1
xmake/stage-1.38.14-1
xmake/stage-1.38.3-1
xmake/stage-1.38.33-1
xmake/stage-1.38.37-1
xmake/stage-1.38.4-1