2 matches found
CVE-2023-49577
CVE-2023-49577 affects SAP HCM (SMART PAYE solution) versions S4HCMCIE 100, SAP_HRCIE 600, 604, 608. Root cause is insufficient encoding of user-controlled inputs, enabling cross-site scripting (XSS). Impact is limited to confidentiality and integrity of the application; no availability impact. E...
CVE-2026-34264
The CVE concerns SAP Human Capital Management for SAP S/4HANA where during authorization checks the system returns messages that allow an authenticated, low-privilege user to guess and enumerate content beyond their scope. This leads to disclosure of sensitive information (confidentiality impact:...