172 matches found
CVE-2026-44768
SAP CRM WebClient UI allows an attacker to inject and execute malicious scripts in the context of the application due to the absence of a Content Security Policy CSP configuration for certain restrictive directives. This vulnerability has a low impact on the integrity of the application...
CVE-2026-44768
Summary: CVE-2026-44768 affects the SAP CRM WebClient UI. The vulnerability arises from the absence of a Content Security Policy (CSP) configuration for certain restrictive directives, enabling an attacker to inject and execute malicious scripts in the application context. According to the source...
EUVD-2026-43592
SAP CRM WebClient UI allows an attacker to inject and execute malicious scripts in the context of the application due to the absence of a Content Security Policy CSP configuration for certain restrictive directives. This vulnerability has a low impact on the integrity of the application...
CVE-2026-44768 Security misconfiguration in SAP CRM (WebClient UI)
SAP CRM WebClient UI allows an attacker to inject and execute malicious scripts in the context of the application due to the absence of a Content Security Policy CSP configuration for certain restrictive directives. This vulnerability has a low impact on the integrity of the application...
CVE-2026-0488 Code Injection vulnerability in SAP CRM and SAP S/4HANA (Scripting Editor)
An authenticated attacker in SAP CRM and SAP S/4HANA Scripting Editor could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impa...
CVE-2021-33676
A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 713, 714, could be leveraged by an attacker with high privileges to compromise confidentiality, integrity, or availability of the system...
CVE-2024-41737
SAP CRM ABAP Insights Management allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application...
CVE-2024-39598
SAP CRM WebClient UI Framework allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the applicati...
EUVD-2014-8497
Malware in sbrugna...
EUVD-2014-2015
Malware in sbrugna...
EUVD-2014-8505
Malware in sbrugna...
EUVD-2021-20353
Malware in sbrugna...
EUVD-2018-14219
Malware in sbrugna...
EUVD-2015-4011
Malware in sbrugna...
EUVD-2017-6750
Malware in sbrugna...
EUVD-2015-4010
Malware in sbrugna...
EUVD-2019-1017
Malware in sbrugna...
EUVD-2019-1018
Malware in sbrugna...
EUVD-2013-6881
Malware in sbrugna...
EUVD-2017-6752
Malware in sbrugna...