Every CVE whose affected-product data names Sap Ui5, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2018-2424 — CVSS 9.8 (critical): SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being…
CVE-2019-0319 — CVSS 7.5 (high): The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error…
CVE-2021-21476 — CVSS 6.1 (medium): SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect…