Launchpad.net

CVE 2019-0254

SAP Disclosure Management (before version 10.1 Stack 1301) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

See the CVE page on Mitre.org for more details.