13 matches found
CVE-2026-40137
SAP TAFAPPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...
CVE-2026-40137 Cross-Site Scripting (XSS) vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)
SAP TAFAPPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...
CVE-2026-40137 Cross-Site Scripting (XSS) vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)
SAP TAFAPPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...
CVE-2026-40137
SAP TAFAPPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...
CVE-2026-24328 Open Redirection vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)
SAP TAFAPPLAUNCHER within Business Server Pages allows unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...
CVE-2026-24328
SAP TAF_APPLAUNCHER (Business Server Pages) is affected by an open redirection issue where an unauthenticated attacker can craft links that redirect victims to attacker-controlled sites, potentially exposing or altering sensitive information in the victim’s browser. The publicly provided document...
CVE-2026-24328 Open Redirection vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)
SAP TAFAPPLAUNCHER within Business Server Pages allows unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...
PT-2026-7227
Name of the Vulnerable Software and Affected Versions SAP affected versions not specified Description An unauthenticated attacker can create malicious links. Clicking these links by a victim redirects them to attacker-controlled sites, potentially exposing or altering sensitive information within...
Malicious code in taf-three-dimensional-view (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3019ee1a4da6ba81d0721c4cccfd580bc1f3a9f6aeba72ec8270c591dbfc6a88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6412 Malicious code in taf-three-dimensional-view (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3019ee1a4da6ba81d0721c4cccfd580bc1f3a9f6aeba72ec8270c591dbfc6a88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
taf-gmbh.com Cross Site Scripting vulnerability OBB-1463492
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Avia Weather - METAR & TAF - MIT license, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Avia Weather - METAR & TAF published at the 'play' market has multiple vulnerabilities...
Aviation weather (METAR / TAF) - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities
HackApp vulnerability scanner discovered that application Aviation weather METAR / TAF published at the 'play' market has multiple vulnerabilities...