SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application.
[
{
"product": "SAP Manufacturing Integration and Intelligence",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 15.0"
},
{
"status": "affected",
"version": "< 15.1"
},
{
"status": "affected",
"version": "< 15.2"
}
]
}
]