4 matches found
CVE-2023-29110
The CVE-2023-29110 issue affects SAP Application Interface (Message Dashboard) across multiple releases: AIF 703, AIFX 702, S4CORE 100/101, SAP_BASIS 755/756, SAP_ABA 75C/75D/75E. The root cause is that the application allows unrestricted HTML markup, enabling an authorized attacker to use basic ...
CVE-2024-21737
In SAP Application Interface Framework File Adapter - version 702, CVE-2024-21737 describes a code/injection path where a high-privilege user can traverse through layers via a function module and directly execute operating-system commands, allowing control over application behavior. The vulnerabi...
CVE-2023-29111
CVE-2023-29111 affects SAP Application Interface Framework (AIF) ODATA service versions 755 and 756. The vulnerability arises from excessive information disclosure in the AIF component, allowing an authorized attacker to leverage disclosed details to potentially exploit the component, with a low ...
CVE-2023-29109
CVE-2023-29109 affects SAP Application Interface Framework (Message Dashboard) across AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755/756, SAP_ABA 75C/75D/75E. The root cause is an Excel formula injection in fields such as the Tooltip of the Custom Hints List, which can execute when the victim opens...