SAP Financial Consolidation, prior to 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an malicious user to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap financial consolidation 10.0 |
||
sap financial consolidation 10.1 |