Unauthorized modification of displayed content in BSPs GADGET_CREATOR
The BSPs GADGET_CREATOR and GADGET_STARTER can be abused by a malicious user allowing them to modify displayed application content without authorization and to potentially obtain authentication information from other legitimate users.
Available fix and Supported packages
- SAP_BASIS | 702 | 702
- SAP_BASIS 702 | SAPKB70204 |
Web Dynpro ABAP
Exploit is not available.
For detailed information please contact the mail [email protected]