SAP NetweaverMedium

SAP Java CSV Injection

February 9, 2018

By exploiting this vulnerability, an unauthenticated attacker could inject malicious code in the back-office application to get or modify information systems.

Please fill out the form to download the security advisory.

SAP Solution ManagerHigh

Arbitrary execution of RFC functions through CCM_AGS_CC_SIM_API_START

SAP Solution ManagerMedium

Reflected Cross Site Scripting in CRM_BSP_FRAME class

SAP Solution ManagerMedium

Reflected Cross Site Scripting in CL_HTTP_EXT_SERVICE_POST_DEMO class