327 matches found
CVE-2026-24315
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
CVE-2026-24315
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
CVE-2026-24315
SAP Fiori Launchpad is affected by a vulnerability where crafted malicious URLs can trigger arbitrary service calls on the Fiori domain, potentially leading to credential theft after user interaction. Exploitation is described as requiring advanced knowledge of the system, with impact limited to ...
CVE-2026-24315
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
EUVD-2026-35277
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
CVE-2026-24315 Path Traversal Vulnerability in SAP Fiori (launchpad)
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
CVE-2026-24315 Path Traversal Vulnerability in SAP Fiori (launchpad)
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
PT-2026-47528
SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could compromise accounts by stealing user credentials. Successful exploitation requires adversaries to possess advanced knowledge of the system...
SAP Fiori 安全漏洞
SAP Fiori is a design system developed by SAP, a German company, aimed at enhancing the user experience UX for SAP applications. It provides designers and developers with tools and guidelines to quickly develop applications that work on any platform, offering creators and users a consistent and...
CVE-2026-23688
SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...
CVE-2026-23688
SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...
CVE-2026-23688
SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...
CVE-2026-23688 Missing Authorization check in SAP Fiori App (Manage Service Entry Sheets - Lean Services)
SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...
CVE-2026-23688
CVE-2026-23688 affects SAP Fiori App Manage Service Entry Sheets. The issue is insufficient authorization checks for an authenticated user, enabling privilege escalation with low impact to integrity; confidentiality and availability are unaffected. CVSS 3.1 vector yields a base score of 4.3 (MEDI...
CVE-2026-23688 Missing Authorization check in SAP Fiori App (Manage Service Entry Sheets - Lean Services)
SAP Fiori App Manage Service Entry Sheets does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on integrity, confidentiality and availability are not impacted...
SAP Fiori app 安全漏洞
The SAP Fiori App is a corporate application developed by the German company SAP. The SAP Fiori App has a security vulnerability, which stems from failing to perform necessary authorization checks on authenticated users, potentially leading to privilege escalation...
CVE-2026-23683
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted...
CVE-2026-23683 Missing Authorization check in SAP Fiori App (Intercompany Balance Reconciliation)
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted...
CVE-2026-23683
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted...
EUVD-2026-4844
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted...