CVE-2023-23855

SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to...

CVE-2023-0025

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources...

CVE-2023-23852

SAP Solution Manager System Monitoring - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2023-0024

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in...

CVE-2023-0024

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in...

Design/Logic Flaw

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources...

Cross site scripting

SAP Solution Manager System Monitoring - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

Design/Logic Flaw

SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to...

Cross site scripting

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in...

CVE-2023-23855

SAP Solution Manager 720 is affected by an authenticated-user URL validation issue that enables redirection to a malicious site, potentially exposing or allowing modification of information and phishing, per CVE-2023-23855. Root cause: insufficient URL validation in the application. Public refere...

CVE-2023-23855

SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to...

CVE-2023-23855

SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to...

CVE-2023-23852

SAP Solution Manager System Monitoring - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2023-23852

The CVE concerns SAP Solution Manager (System Monitoring) version 720 with a Cross‑Site Scripting (XSS) vulnerability caused by insufficient encoding of user‑controlled inputs. The issue is documented across multiple sources (NVD, Red Hat, PRION, CVE lists, and PT Security). Connected documents i...

CVE-2023-23852

SAP Solution Manager System Monitoring - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2023-0025

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources...

CVE-2023-0025

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources...

CVE-2023-0025

Summary: CVE-2023-0025 affects SAP Solution Manager (BSP Application) version 720. An authenticated attacker can craft a malicious link that, when a user clicks it, may read or modify sensitive information or craft a payload to restrict access. What is affected: SAP Solution Manager (BSP Applicat...

CVE-2023-0024

SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in...

CVE-2023-0024

CVE-2023-0024 affects SAP Solution Manager (BSP Application) v720. An authenticated attacker can craft a malicious link which, when clicked by a user, may read or modify sensitive information or deliver a payload that restricts access, resulting in a Cross-Site Scripting (XSS) vulnerability. The ...