Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Unauthorized modif. of displayed content in MIC start page, SAP security note 1417696

Description

The MIC start page could be abused by a malicious user, who could modify displayed application content without authorization.

Available fix and Supported packages

  • FINBASIS | 300 | 300
  • FINBASIS | 600 | 600
  • FINBASIS | 602 | 602
  • FINBASIS | 603 | 603
  • FINBASIS | 604 | 604
  • CGVMIC | 100 | 100
  • FINBASIS 600 | SAPK-60017INFINBASIS |
  • FINBASIS 602 | SAPK-60207INFINBASIS |
  • FINBASIS 603 | SAPK-60306INFINBASIS |
  • FINBASIS 604 | SAPK-60406INFINBASIS |
  • FINBASIS 300 | SAPK-30025INFINBASIS |
  • CGVMIC 100 | SAPK-10028INCGVMIC |

Affected component

    FIN-CGV-MIC-UI
    User Interface, Web Applications, Start Page

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1417696

TAGS

#Reflected-Cross-Site-Scripting

More to explorer