Description
An attacker can exploit the selection for the billing due list and use specially crafted inputs to modify database commands, resulting in the retrieval of additional information persisted by the system.
Available fix and Supported packages
- SAP_APPL | 616 | 616
- SAP_APPL | 617 | 617
- SAP_APPL 616 | SAPKH61609 |
- SAP_APPL 617 | SAPKH61707 |
Affected component
- SD-BIL
Billing
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2077857