Due to missing input validation, SAP Financial Consolidation, prior to 10.0 and 10.1, enables an malicious user to use crafted input to interfere with the structure of the surrounding query leading to XPath Injection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap financial consolidation 10.0 |
||
sap financial consolidation 10.1 |