CVE-2024-39594 Information

Description

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user controlled inputs resulting in Reflected Cross-Site Scripting (XSS) vulnerability. After successful exploitation an attacker can cause low impact on the confidentiality and integrity of the application.

Reference

https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday https://me.sap.com/notes/3482217