CVE-2024-37173
[Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)
Due to insufficient input validation, SAP
CRM WebClient UI allows an unauthenticated attacker to craft a URL link which
embeds a malicious script. When a victim clicks on this link, the script will
be executed in the victim's browser giving the attacker the ability to access
and/or modify information with no effect on availability of the application.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
SAP_SE · SAP CRM WebClient UI¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →