7 matches found
EUVD-2017-6752
Malware in sbrugna...
EUVD-2023-32790
Malicious code in bioql PyPI...
CVE-2024-37173
Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify...
CVE-2023-27897
In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform...
CVE-2025-27430
SAP CRM and SAP S/4HANA (Interaction Center) are affected by a server-side request forgery (SSRF) vulnerability. The vulnerability allows an attacker with low privileges to access internal network resources, compromising confidentiality with no impact on integrity or availability. The CVSS 3.1 ve...
CVE-2023-30742 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)
SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 700, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting...
PT-2023-22946 · Sap · Sap Crm +1
Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions S4FND 102 through S4FND 107, WEBCUIF 700 through WEBCUIF 801 Description: The issue arises from insufficient encoding of user-controlled inputs, leading to a stored Cross-Site Scripting XSS vulnerability. An...