Published: 14/02/2023 Updated: 11/04/2023

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 0

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap customer relationship management webclient ui 7.01
sap customer relationship management webclient ui 7.31
sap customer relationship management webclient ui 7.48
sap customer relationship management webclient ui 8.00
sap customer relationship management webclient ui 8.01
sap customer relationship management webclient ui 7.00
sap customer relationship management webclient ui 7.02
sap customer relationship management webclient ui 7.40
sap customer relationship management webclient ui 7.50
sap customer relationship management webclient ui 7.52
sap s4fnd 1.02
sap s4fnd 1.03

CWE-79 https://launchpad.support.sap.com/#/notes/2788178 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-24525

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect