CVE-2026-0505 Multiple vulnerabilities in BSP Applications of SAP Document Management System

🗓️ 10 Feb 2026 03:01:30Reported by sapType

Unauthenticated SAP BSP apps allow URL manipulation causing unvalidated redirects with low impact.

Reporter	Title	Published	Views	Family All 7
CNNVD	SAP E-Recruiting BSP 跨站脚本漏洞	10 Feb 202600:00	–	cnnvd
CVE	CVE-2026-0505	10 Feb 202603:01	–	cve
NCSC	Vulnerabilities fixed in SAP products	10 Feb 202612:28	–	ncsc
NVD	CVE-2026-0505	10 Feb 202604:16	–	nvd
Positive Technologies	PT-2026-7205	10 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-0505	11 Feb 202607:30	–	redhatcve
Vulnrichment	CVE-2026-0505 Multiple vulnerabilities in BSP Applications of SAP Document Management System	10 Feb 202603:01	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Document Management System",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_APPL 618"
      },
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "107"
      },
      {
        "status": "affected",
        "version": "108"
      },
      {
        "status": "affected",
        "version": "109"
      },
      {
        "status": "affected",
        "version": "EA-APPL 600"
      },
      {
        "status": "affected",
        "version": "602"
      },
      {
        "status": "affected",
        "version": "603"
      },
      {
        "status": "affected",
        "version": "604"
      },
      {
        "status": "affected",
        "version": "605"
      },
      {
        "status": "affected",
        "version": "606"
      },
      {
        "status": "affected",
        "version": "617"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3678417
url	www.url.sap/sapsecuritypatchday

10 Feb 2026 03:01Current

CVSS 3.16.1

EPSS0.00034

CWE-79