[DSECRG-11-040] SAP NetWeaver SPML - XML CSRF user creation
DSECRG-11-040 SAP NetWeaver SPML - XML CSRF user creation Attacker can create a new user in J2EE Engine using CSRF attack on SPML service. Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.SAP.com Bugs: CSRF Reported: 14.03.2011 Vendor response: 15.03.2011 Date of...