80 matches found
CVE-2026-0514
Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...
CVE-2026-0514
Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...
CVE-2026-0514
Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...
CVE-2026-0514 Cross-Site Scripting (XSS) vulnerability in SAP Business Connector
Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...
CVE-2026-0514
SAP Business Connector is affected by a Cross-Site Scripting (XSS) vulnerability that allows an unauthenticated attacker to craft a malicious link which, when clicked by a user, can redirect to an attacker‑controlled site and potentially access or modify information in the webclient, impacting co...
SAP Business Connector 跨站脚本漏洞
SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector that originates in cross-site scripting and could allow an unauthenticated attacker to craft a malicious link to redirect users to a site under the attacker's control,...
PT-2026-2345
Name of the Vulnerable Software and Affected Versions SAP Business Connector affected versions not specified Description A Cross-Site Scripting XSS issue exists in SAP Business Connector. An unauthenticated attacker can create a malicious link. If a user clicks this link, they may be redirected t...
SAP Business Connector Cross-Site Scripting Vulnerability (CNVD-2025-29169)
SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector due to improper validation of user-supplied input in the PRTG Web Monitor web interface. An attacker could exploit the vulnerability to access or modify information with...
SAP Business Connector Input Validation Error Vulnerability
SAP Business Connector is a middleware from SAP, Germany. An input validation error vulnerability exists in SAP Business Connector, which can be exploited by an attacker to disclose sensitive information and cause unauthorized operations...
SAP Business Connector Path Traversal Vulnerability
SAP Business Connector is a middleware from SAP, Germany. SAP Business Connector suffers from a path traversal vulnerability that can be exploited by an attacker to traverse directories on the system to read, write, overwrite, and delete arbitrary files on the host system...
CVE-2025-42893
Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...
CVE-2025-42886
Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...
CVE-2025-42894
Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...
CVE-2025-42892
Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP NetWeaver, SAP Business Connector, SAP HANA, and SAP S/4HANA. The vulnerabilities include deserialization, code injection, insufficient validation, and information disclosure. These vulnerabilities can be exploited by attackers to...
EUVD-2025-60987
Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating...
EUVD-2025-60985
Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...
EUVD-2025-60992
Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...
EUVD-2025-60986
Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...
CVE-2025-42893
Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...