CNNVD-202508-982 Information
CNNVD ID
CNNVD-202508-982
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
SAP Fiori是德国思爱普(SAP)公司的一套为SAP应用程序提供用户体验(UX)的设计系统,它为设计人员和开发人员提供了一套工具和指南,能够快速地开发适用于任何平台的应用,为创建者和用户提供一致、创新的体验。 SAP Fiori (Launchpad)存在安全漏洞,该漏洞源于外部导航保护不足,可能导致反向标签劫持攻击。
Description (English)
SAP Fiori, a design system for SAP applications that provides user experience (UX) for SAP applications in Germany, provides designers and developers with a set of tools and guidelines that enable the rapid development of applications for any platform and provides a consistent and innovative experience for creators and users. SAP Fiori (Launchpad) has a security loophole, which stems from inadequate external navigational protection and may lead to a reverse tag hijacking attack.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
思爱普
Published
2025-08-12
Last Modified
2026-02-24
References
https://me.sap.com/notes/3624943 https://url.sap/sapsecuritypatchday
Patch
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/august-2025.html
Share on: