SAP Financial Consolidation allows data to enter
a Web application through an untrusted source. These endpoints are exposed over
the network and it allows the user to modify the content from the web site. On
successful exploitation, an attacker can cause significant impact to
confidentiality and integrity of the application.
References
Configurations
No configuration.
History
21 Nov 2024, 09:23
Type | Values Removed | Values Added |
---|---|---|
References | () https://me.sap.com/notes/3457592 - | |
References | () https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html - |
11 Jun 2024, 13:54
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
11 Jun 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-11 02:15
Updated : 2024-11-21 09:23
NVD link : CVE-2024-37177
Mitre link : CVE-2024-37177
CVE.ORG link : CVE-2024-37177
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')