5 matches found
CVE-2023-23852
The CVE concerns SAP Solution Manager (System Monitoring) version 720 with a Cross‑Site Scripting (XSS) vulnerability caused by insufficient encoding of user‑controlled inputs. The issue is documented across multiple sources (NVD, Red Hat, PRION, CVE lists, and PT Security). Connected documents i...
CVE-2023-0025
Summary: CVE-2023-0025 affects SAP Solution Manager (BSP Application) version 720. An authenticated attacker can craft a malicious link that, when a user clicks it, may read or modify sensitive information or craft a payload to restrict access. What is affected: SAP Solution Manager (BSP Applicat...
CVE-2023-23855
SAP Solution Manager 720 is affected by an authenticated-user URL validation issue that enables redirection to a malicious site, potentially exposing or allowing modification of information and phishing, per CVE-2023-23855. Root cause: insufficient URL validation in the application. Public refere...
CVE-2023-0024
CVE-2023-0024 affects SAP Solution Manager (BSP Application) v720. An authenticated attacker can craft a malicious link which, when clicked by a user, may read or modify sensitive information or deliver a payload that restricts access, resulting in a Cross-Site Scripting (XSS) vulnerability. The ...
CVE-2023-49587
CVE-2023-49587 affects SAP Solution Manager 720. The vulnerability allows an authorized attacker to execute certain deprecated function modules, enabling reading or modification of data across the same or other components over the network, with no user interaction. Root cause cited in multiple so...