This security note has been updated. For more detailed information, see Security Note 1557426.
The CRM portal integration could be abused by a malicious user, who could modify displayed application content without authorization and potentially obtain authentication information from other legitimate users.
Available fix and Supported packages
- BP_CRM50 | 6.0 | 6.0
- CRMFND | 700 | 700
- CRMFND | 701 | 701
- BP CRM FOUNDATION CODING 7.0 | SP008 | 000001
- BP CRM FOUNDATION CODING 7.01 | SP003 | 000001
- BP SAP CRM 6.0 (NEW) | SP007 | 000001
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.