CVE-2018-2388: XSS
First published: Wed Feb 14 2018(Updated: )
Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP internet Graphics Server | =7.20 | |
| SAP internet Graphics Server | =7.20ext | |
| SAP internet Graphics Server | =7.45 | |
| SAP internet Graphics Server | =7.49 | |
| SAP internet Graphics Server | =7.53 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-2388?
CVE-2018-2388 is a stored cross-site scripting vulnerability in SAP internet Graphics Server versions 7.20, 7.20EXT, 7.45, 7.49, and 7.53.
What is the severity of CVE-2018-2388?
CVE-2018-2388 has a severity rating of 6.1 or medium.
How does CVE-2018-2388 affect SAP internet Graphics Server?
CVE-2018-2388 allows attackers to inject malicious scripts into the server, potentially leading to cross-site scripting attacks on users.
How can I mitigate the risks associated with CVE-2018-2388?
To mitigate the risks of CVE-2018-2388, it is recommended to apply the patches provided by SAP.
Where can I find more information about CVE-2018-2388?
More information about CVE-2018-2388 can be found in the SAP Security Patch Day February 2018 blog post and the related SAP note.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap internet graphics server
- version/sap internet graphics server/7.20
- version/sap internet graphics server/7.20ext
- version/sap internet graphics server/7.45
- version/sap internet graphics server/7.49
- version/sap internet graphics server/7.53