18 matches found
EUVD-2023-46919
Malicious code in bioql PyPI...
EUVD-2022-44448
Malicious code in bioql PyPI...
CVE-2023-42479
An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. This can result in the disclosure or modification of non-sensitive information...
CVE-2022-41207
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate-looking URL. When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim'...
SAP Biller Direct Cross-Site Scripting Vulnerability
SAP Biller Direct is a Web application from SAP Germany. It is used to present customer accounts in an Internet portal. A cross-site scripting vulnerability exists in SAP Biller Direct versions 635 and 750, which stems from the application's lack of effective filtering and escaping of user-suppli...
CVE-2023-42479
An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. This can result in the disclosure or modification of non-sensitive information...
CVE-2023-42479
An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. This can result in the disclosure or modification of non-sensitive information...
Cross site scripting
An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. This can result in the disclosure or modification of non-sensitive information...
CVE-2023-42479 Cross-Site Scripting (XSS) vulnerability in SAP Biller Direct
An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. This can result in the disclosure or modification of non-sensitive information...
CVE-2023-42479
SAP Biller Direct is affected by CVE-2023-42479, an unauthenticated XSS vulnerability where an attacker can embed a hidden Biller Direct URL in a frame that, when loaded by a user, triggers a cross-site scripting request. This can lead to disclosure or modification of non-sensitive information. T...
CVE-2022-41207
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate-looking URL. When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim'...
CVE-2022-41207
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate-looking URL. When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim'...
Information disclosure
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate-looking URL. When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim'...
PT-2022-25730 · Sap · Sap Biller Direct
Name of the Vulnerable Software and Affected Versions: SAP Biller Direct (affected versions not specified). Description: The issue allows an unauthenticated attacker to craft a legitimate-looking URL. When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victi...
CVE-2022-41207
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate-looking URL. When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim'...
CVE-2022-41207
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate-looking URL. When clicked by an unsuspecting victim, it will use an unsanitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim'...
CVE-2022-41207
The CVE-2022-41207 entry concerns SAP Biller Direct and describes an unauthenticated open redirect vulnerability where an unsanitized parameter in a crafted URL can redirect victims to a malicious site, potentially enabling disclosure or modification of victim information. Connected sources cons...
SAP Biller Direct Input Validation Error Vulnerability
SAP Biller Direct is a web application from SAP, Germany. It is used to present customer accounts in an Internet portal. SAP Biller Direct suffers from an input validation error vulnerability that stems from the fact that it allows an unauthenticated attacker to create a legitimate-looking URL...