If the user login into the End User login Application and opens any embedded application from there and then once the child/embedded application page is open , the user logout from the End User Login Application . In this case the user session was not getting invalidated and user was able to do the operation on the open page of child/embedded application.
Available fix and Supported packages
- GRCFND_A | V1000 | V1000
- GRCFND_A | V1100 | V1100
- GRCFND_A | V8000 | V8000
- GRCFND_A V1000 | SAPK-V1024INGRCFNDA |
- GRCFND_A V1100 | SAPK-V1115INGRCFNDA |
- GRCFND_A V8000 | SAPK-V8001INGRCFNDA |
Exploit is not available.
For detailed information please contact the mail [email protected]