Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Security Note XSS in KM external links, SAP security note 1161008


One can perform XSS attack in KM by providing as an external link target malicious scripting.

Available fix and Supported packages

  • KMC-BC | 7.00 | 7.00
  • KMC-CM | 7.00 | 7.01
  • EP-CM | 6.0_640 | 6.0_640
  • CM+COLLABORATION 6.0_640 | SP022 | 000003

Affected component

    Repository Framework


Score: 0


Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.




More to explorer

SAP Cloud Connector Certificate Validation Issue

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,

Protect Your SAP with RedRays Security Platform

Explore the Power of Our Scanner with an Interactive Prototype Below