Every CVE whose affected-product data names Sap Ui, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-2424 — CVSS 9.8 (critical): SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being…
CVE-2023-33991 — CVSS 8.2 (high): SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode…
CVE-2018-2428 — CVSS 5.3 (medium): Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components…
CVE-2019-0388 — CVSS 5.3 (medium): SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate…