Description
A malicious user can exploit the dynamic UI framework for Internet Sales and use specially crafted inputs to modify database commands, resulting in the retrieval of additional information persisted by the system.
Available fix and Supported packages
- BBPCRM | 700 | 700
- BBPCRM | 701 | 701
- BBPCRM 700 | SAPKU70009 |
- BBPCRM 701 | SAPKU70103 |
Affected component
- CRM-ISA-TEC
Technical Infrastructure
CVSS
Score: 0
Exploit
Exploit is not available.
For detailed information please contact the mail [email protected].
URL
https://launchpad.support.sap.com/#/notes/1488431