cvedb.io
CVE-2022-22529
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2022-01-14T20:15:15.797 · Last modified 2026-06-17T04:28:32.343

Summary

SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD are using SAP UI5 standard controls, the UI5 framework provides automated output encoding for its standard controls. This output encoding prevents stored malicious user input from being executed when it is reflected in the UI.

Affected products

sap — enterprise_threat_detection

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.