CVE-2024-39595 Information

Description

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user-controlled inputs resulting in Stored Cross-Site Scripting (XSS) vulnerability. This vulnerability allows users to modify website content and on successful exploitation an attacker can cause low impact to the confidentiality and integrity of the application.

Reference

https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday https://me.sap.com/notes/3482217