CVE-2020-6238

CVE-2020-6238

SAP Commerce, versions – 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability (partially) of SAP Commerce.

Source: CVE-2020-6238