Skip links
RedRays - Your SAP Security Solution
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

SAP Security on Udemy

Migration to new XSS-Library, SAP security note 1675796

Description

FIN-CGV-MIC can be abused by a malicious user, allowing them to modify displayed application content without authorization, and to potentially obtain authentification information from other legitimate users.

Available fix and Supported packages

  • FINBASIS | 300 | 300
  • FINBASIS | 600 | 600
  • FINBASIS | 602 | 602
  • FINBASIS | 603 | 603
  • FINBASIS | 604 | 604
  • FINBASIS | 605 | 605
  • FINBASIS | 736 | 736
  • FINBASIS | 746 | 746
  • FINBASIS 300 | SAPK-30029INFINBASIS |
  • FINBASIS 736 | SAPK-73603INFINBASIS |
  • FINBASIS 600 | SAPK-60022INFINBASIS |
  • FINBASIS 602 | SAPK-60212INFINBASIS |
  • FINBASIS 603 | SAPK-60311INFINBASIS |
  • FINBASIS 604 | SAPK-60412INFINBASIS |
  • FINBASIS 605 | SAPK-60509INFINBASIS |
  • FINBASIS 746 | 746 |

Affected component

    FIN-CGV-MIC
    Management of internal controls

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1675796

TAGS

#Cross-site-scripting
#XSS
#FIN-CGV-MIC

More to explorer

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series. 

JOIN