CVE-2025-30010

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...

CVE-2025-30011

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...

SAP Supplier Relationship Management 安全漏洞

SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An information disclosure vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component, and can be exploited by an attacker...

SAP Supplier Relationship Management 输入验证错误漏洞

SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An input validation error vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker...

SAP Supplier Relationship Management 跨站脚本漏洞

SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. A cross-site scripting vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker to...

PT-2025-20806 · Sap · Sap Srm

Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The issue concerns the use of a deprecated java applet component within the Live Auction Cockpit in SAP SRM. This allows an unauthenticated attacker to craf...