CVE-2024-41735 Information

Description

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application.

Reference

https://me.sap.com/notes/3483256 https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday