2 matches found
CVE-2022-41204
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allows them to steal credentials and hijack...
CVE-2022-41204
CVE-2022-41204 affects SAP Commerce versions 1905–2205 and targets the login page. A manipulated URL can inject client-side code to change the login form submission, redirecting data to an attacker-controlled server. This enables credential theft and account hijacking, impacting confidentiality, ...