We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | sap |
Reserved | 2024-05-07 |
Published | 2024-06-11 |
Updated | 2024-08-02 |
Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
https://me.sap.com/notes/3465129
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html