Vulnerability Details : CVE-2023-29112
The SAP Application Interface (Message Monitoring) - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limited impact on the confidentiality and integrity of the application.
Vulnerability category: Cross site scripting (XSS)
Exploit prediction scoring system (EPSS) score for CVE-2023-29112
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less