Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

Security Enhancement for WFD, SAP security note 1238862

Description

To prevent any possible Cross-Site Request Forgery (XSRF) and Cross-Site scripting techniques on WFD application.

Available fix and Supported packages

  • SAP-CRMJAV | 5.0 | 5.0
  • SAP-CRMWEB | 5.0 | 5.0
  • SAP-SHRWEB | 5.0 | 5.0
  • SAP-SHRJAV | 5.0 | 5.0
  • SAP-CRMAPP | 5.0 | 5.0
  • SAP-SHRAPP | 5.0 | 5.0
  • CRM JAVA APPLICATIONS 5.0 | SP012 | 000009
  • CRM JAVA COMPONENTS 5.0 | SP012 | 000009
  • CRM JAVA WEB COMPONENTS 5.0 | SP012 | 000009
  • SAP SHARED JAVA APPLIC. 5.0 | SP012 | 000009
  • SAP SHARED JAVA COMPONENTS 5.0 | SP012 | 000009
  • SAP SHARED WEB COMPONENTS 5.0 | SP012 | 000009

Affected component

    CRM-WFD-RTL
    Multi-Site Workforce Deployment

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1238862

TAGS

#Interaction-Center-Workforce-Management
#IC-WFM
#MS-WFD
#MultisiteWorkforce-Deployment
#Workforce-Management
#XSS
#XSRF

More to explorer

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.