This note concerns the following problem cases in the Business Server Page (BSP) of the article list retraction application:
- 1. Unauthorized use of application functions using the article list BSP.
A malicious user can execute functions of the article list BSP without authentication and authorization.
- 2. Unauthorized modification of stored content in the article list BSP.
The article list BSP can be abused by a malicious user, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users.
Available fix and Supported packages
- BI_CONT | 704 | 704
- BI_CONT | 705 | 705
- BI_CONT | 735 | 735
- BI_CONT 704 | SAPK-70411INBICONT |
- BI_CONT 705 | SAPK-70504INBICONT |
- BI_CONT 735 | SAPK-73503INBICONT |
BW only – Retail and Consumer Products
Exploit is not available.
For detailed information please contact the mail [email protected]