CVE-2013-6814 Information
Feb 14, 2021
cve
Description
The J2EE Engine in SAP NetWeaver 6.40 7.02 and earlier allows remote attackers to redirect users to arbitrary web sites conduct phishing attacks and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors.
Reference
http://scn.sap.com/docs/DOC-8218 http://secunia.com/advisories/55778 https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/ https://service.sap.com/sap/support/notes/1854826
Share on: