CVE-2024-47594 Information
Oct 09, 2024
cve
Description
SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link confidentiality and integrity of their web browser session could be compromised.
Reference
https://me.sap.com/notes/3503462 https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday
Share on: