Skip links
🔥🔥🔥 Join us for our upcoming training session at Black Hat MEA: "Securing SAP Systems: Expert Insights and Penetration Testing Techniques" 🛡️🔍

Unauthorized modification of stored content in EWS, SAP security note 1576708

Description

EWS can be abused by a malicious user, allowing them to modify application content, persist the modified content without authorization, and to potentially obtain authentica-tion information from other legitimate users.

Available fix and Supported packages

  • SPACES | 1.00 | 1.00
  • ENTERPRISE WORKSPACES 1.0 | SP001 | 000002
  • ENTERPRISE WORKSPACES 1.0 | SP002 | 000001
  • ENTERPRISE WORKSPACES 1.0 | SP003 | 000000

Affected component

    EP-EWP-SWS
    Please use EP-EWP

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1576708

TAGS

#XSS
#Stored-cross-site-scripting
#EWS.

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer