Migration to new XSS-Library, SAP security note 1675796

Description

FIN-CGV-MIC can be abused by a malicious user, allowing them to modify displayed application content without authorization, and to potentially obtain authentification information from other legitimate users.

Available fix and Supported packages

FINBASIS | 300 | 300
FINBASIS | 600 | 600
FINBASIS | 602 | 602
FINBASIS | 603 | 603
FINBASIS | 604 | 604
FINBASIS | 605 | 605
FINBASIS | 736 | 736
FINBASIS | 746 | 746
FINBASIS 300 | SAPK-30029INFINBASIS |
FINBASIS 736 | SAPK-73603INFINBASIS |
FINBASIS 600 | SAPK-60022INFINBASIS |
FINBASIS 602 | SAPK-60212INFINBASIS |
FINBASIS 603 | SAPK-60311INFINBASIS |
FINBASIS 604 | SAPK-60412INFINBASIS |
FINBASIS 605 | SAPK-60509INFINBASIS |
FINBASIS 746 | 746 |

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1675796

Vahagn Vardanian

Migration to new XSS-Library, SAP security note 1675796

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Cross-site-scripting
#XSS
#FIN-CGV-MIC

Explore More

SAP Security Advisory – CVE-2025-42890

SAP security patches November 2025

CVE-2025-42944 – Critical Severity Remote Code Execution in SAP NetWeaver RMI-P4

CVE-2025-42937 – Critical Directory Traversal Vulnerability in SAP Print Service

Vahagn Vardanian

Migration to new XSS-Library, SAP security note 1675796

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Cross-site-scripting#XSS#FIN-CGV-MIC

Explore More

SAP Security Advisory – CVE-2025-42890

SAP security patches November 2025

CVE-2025-42944 – Critical Severity Remote Code Execution in SAP NetWeaver RMI-P4

CVE-2025-42937 – Critical Directory Traversal Vulnerability in SAP Print Service

#Cross-site-scripting
#XSS
#FIN-CGV-MIC