4 matches found
CVE-2025-24868
creationtimestamp| type| source ---|---|--- 2025-02-11 01:16:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuicv755i23 2025-02-11 01:26:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113982647697373406 2025-02-11 03:01:32+00:00| seen|...
CVE-2025-24868
The User Account and Authentication service UAA for SAP HANA extended application services, advanced model SAP HANA XS advanced model allows an unauthenticated attacker to craft a malicious link, that, when clicked by a victim, redirects the browser to a malicious site due to insufficient redirec...
CVE-2025-24868
CVE-2025-24868 relates to SAP HANA XS Advanced (UAA) where an unauthenticated attacker can craft a link that redirects victims’ browsers to a malicious site due to insufficient redirect URL validation. Documented impact is limited to confidentiality, integrity, and availability. Affected componen...
CVE-2025-24868 Open Redirect Vulnerability in SAP HANA extended application services, advanced model (User Account and Authentication Services)
The User Account and Authentication service UAA for SAP HANA extended application services, advanced model SAP HANA XS advanced model allows an unauthenticated attacker to craft a malicious link, that, when clicked by a victim, redirects the browser to a malicious site due to insufficient redirec...