Skip links
RedRays - Your SAP Security Solution
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

SAP Security on Udemy

Security gap in cross-site scripting, SAP security note 957038

Description

When you call SAP E-Recruiting, one or several URL parameters are specified. If you use the URL parameters and change a parameter in a particular way, any JavaScript code can be executed.

For this purpose, proceed as follows:
Attach the character string “%27)%3balert(%27XSS%21%27)%3b%2f%2f” (without the quotation marks) to an URL parameter (for example rcfSpId=9000). When you start the application with this URL, you see that the JavaScript code was executed. A JavaScript Alert with the text “XSS!” is issued.

Available fix and Supported packages

  • ERECRUIT | 300 | 300
  • ERECRUIT | 600 | 600
  • ERECRUIT 300 | SAPK-30014INERECRUIT |
  • ERECRUIT 600 | SAPK-60006INERECRUIT |

Affected component

    PA-ER
    E-Recruiting

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/957038

TAGS

#XSS
#CL_HRRCF_BSP_EXT_FRAMEWORK
#&lt-hrrcf_bsp_extframeWork&gt
#security-gap
#JavaScript

More to explorer

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series. 

JOIN