Unauthorized modification of displayed content in ESRI Map, SAP security note 1494462

Description

The ESRI Map could be abused by a malicious user, who could modify displayed application content without authorization and potentially obtain authentication information from other legitimate users.

Available fix and Supported packages

BBPCRM | 700 | 700
BBPCRM | 701 | 701
BBPCRM 701 | SAPKU70102 |
BBPCRM 700 | SAPKU70008 |

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1494462

Vahagn Vardanian

Unauthorized modification of displayed content in ESRI Map, SAP security note 1494462

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Reflected-Cross-Site-Scripting
#XSS
#ESRI-Map

Explore More

SAP npm Packages Hijacked to Steal Cloud Credentials and Weaponize AI Coding Agents

How to Find Security Vulnerabilities in Custom ABAP Code

Open-Source SAP Protocol Library for Penetration Testing

SAP Security Patch Day – March 2026

Vahagn Vardanian

Unauthorized modification of displayed content in ESRI Map, SAP security note 1494462

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Reflected-Cross-Site-Scripting#XSS#ESRI-Map

Explore More

SAP npm Packages Hijacked to Steal Cloud Credentials and Weaponize AI Coding Agents

How to Find Security Vulnerabilities in Custom ABAP Code

Open-Source SAP Protocol Library for Penetration Testing

SAP Security Patch Day – March 2026

#Reflected-Cross-Site-Scripting
#XSS
#ESRI-Map