SAP Knowledge Base Article - Preview

2616247 - jQuery library vulnerability in SAPUI5

Symptom

  • Security scans flag SAPUI5 resources as having one of several jQuery vulnerabilities
  • Security scans suggest SAPUI5 applications are vulnerable to XSS attacks via cross-origin AJAX requests with an unspecificed accepted content type   

Read more...

Environment

SAPUI5 version 1.38.x and higher

Product

SAPUI5 all versions

Keywords

 $.get(), $.parseHTML(), XSS, CORS, vulnerability, SAPUI5, SAP UI5, UI5, jQuery, library , KBA , CA-UI5-COR , SAP UI5 Core and Runtime , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.