SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user controlled inputs,
resulting in Reflected Cross-Site Scripting (XSS) vulnerability. After
successful exploitation, an attacker can cause low impact on the confidentiality
and integrity of the application.
References
Configurations
No configuration.
History
21 Nov 2024, 09:28
Type | Values Removed | Values Added |
---|---|---|
References | () https://me.sap.com/notes/3482217 - | |
References | () https://url.sap/sapsecuritypatchday - |
09 Jul 2024, 18:19
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Jul 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-09 05:15
Updated : 2024-11-21 09:28
NVD link : CVE-2024-39594
Mitre link : CVE-2024-39594
CVE.ORG link : CVE-2024-39594
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')