SAP HCM Travel Management is a travel management module from SAP. A cross-site scripting vulnerability exists in SAP HCM Travel Management that stems from insufficiently encoded user input and can be exploited by an attacker to cause a cross-site scripting (XSS) attack.