What the vulnerability does

01Description

Fiori launchpad - versions 754, 755, 756, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Key dates

02Disclosure timeline

March 8, 2022 CVE published
August 3, 2024 Record updated