8 matches found
CVE-2026-23683 Missing Authorization check in SAP Fiori App (Intercompany Balance Reconciliation)
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality; integrity and availability are not impacted...
CVE-2026-0496
SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file including script files without proper file format validation. This has low impact on confidentiality, integrity and availability of the application...
PT-2026-2329
Name of the Vulnerable Software and Affected Versions: SAP Fiori App Intercompany Balance Reconciliation (affected versions not specified). Description: A Cross-Site Request Forgery (CSRF) issue exists in SAP Fiori App Intercompany Balance Reconciliation. An attacker may be able to perform actions that...
CVE-2025-42923
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker into sending an unintended request to the web server. This has low impact on integrity and no impact on confidentiality and availability of the application...
CVE-2023-24528
SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests), version 600, allow an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of...
SAP Fiori Cross-Site Scripting Vulnerability
SAP Fiori, a user experience (UX) design system for SAP applications from SAP, Germany, provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, delivering a consistent, innovative experience for creators and users. A cross-site scriptin...
SAP Fiori Cross-Site Scripting Vulnerability
SAP Fiori is a content management system. A cross-site scripting vulnerability exists in SAP Fiori, which can be exploited by an attacker to execute malicious scripts...
CVE-2020-6210
SAP Fiori Launchpad, versions 753 and 754, does not sufficiently encode user-controlled inputs, allowing an attacker to inject the meta tag into the launchpad HTML using the vulnerable parameter, leading to a reflected Cross-Site Scripting (XSS) vulnerability...