CVE-2015-2813 Information

Description

XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML aka SAP Security Note 2125358.

Reference

http://packetstormsecurity.com/files/132357/SAP-Mobile-Platform-2.3-XXE-Injection.html http://seclists.org/fulldisclosure/2015/Jun/63 http://www.securityfocus.com/archive/1/535828/100/800/threaded http://www.securityfocus.com/bid/73692 https://erpscan.io/advisories/erpscan-15-005-sap-mobile-platform-xxe/