Skip links

Security note Entry/output validation Learning Portal, SAP security note 999076

Description

On some pages of the learing portal, Cross Site Scripting security breaches may occur.
These security breaches are corrected with this note.

Available fix and Supported packages

  • LSOFE | 200 | 200
  • LSOFE | 300 | 300
  • LSOFE | 600 | 600
  • LSOFE 300 | SAPK-30015INLSOFE |
  • LSOFE 600 | SAPK-60008INLSOFE |
  • LSOFE 200 | SAPK-200POINLSOFE |

Affected component

    PE-LSO-LPO
    Learning Portal

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/999076

TAGS

#Learning-Portal
#LSO
#XSS
#CSS
#Cross-Site-Scripting
#parameter
#core
#lspage_alias_c
#lspage_alias

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies

SAP Security Patch Day RedRays

May 2024 SAP Security Patch Day

Vulnerability: Multiple vulnerabilities in SAP CX Commerce SAP Component: CEC-SCC-PLA-PL CVE ID: CVE-2019-17495 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Category: Program error