CVE-2014-4161CVE-2014-4161

Affected configuration(s):

cpe:/a:sap:supplier_relationship_management:-

Date published: 2014-06-13T10:55:18.087-04:00

Date last modified: 2014-06-16T10:33:49.290-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://blog.emaze.net/2014/05/sap-multiple-vulnerabilities.html

Summary: Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *