CVE-2018-2491
SAP Fiori Client (Android) is affected by a vulnerability where, when a deep link URL is opened and the log level is set to Debug, the client logs the URL to a log file. If the logged URL contains malicious JavaScript, it can be executed inside the app’s embedded log viewer when a user opens the ...