/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
We can see in DM stack 1800 that the Fiori launchpad is using SAPUI5 1.52.13 which in turn uses jQuery 2.2.3, which is flagged as vulnerable to CVE-2020-11022 & CVE-202-11023
According to this note, SAPUI5 should be upgraded:
2941170 - Cross-Site Scripting (XSS) vulnerabilities in modified jQuery bundled with SAPUI5
Read more...
Environment
Disclosure Management 10.1
Product
SAP Disclosure Management 10.0
Keywords
jquery CVE-2020-11022 , KBA , EPM-DSM-ANN , Annual Statement/Internal Reporting , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)