4 matches found
CVE-2025-23191
Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...
CVE-2025-23191 Cache Poisoning through header manipulation vulnerability in SAP Fiori for SAP ERP
Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...
CVE-2025-23191 Cache Poisoning through header manipulation vulnerability in SAP Fiori for SAP ERP
Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...
CVE-2025-23191
CVE-2025-23191 describes a cache-poisoning vulnerability in the SAP OData endpoint of SAP Fiori for SAP ERP . By modifying the HTTP GET Host header, an attacker can corrupt cached values and alter the atom:link metadata, redirecting clients to attacker-controlled links. The documented impact is d...