Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When opening a deep link URL in SAP Fiori Client with log level set to "Debug", the client application logs the URL to the log file. If this URL contains malicious JavaScript code it can eventually run inside the built-in log viewer of the application in case user opens the viewer and taps on the hyperlink in the viewer. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP Fiori Client 安全漏洞
Vulnerability Description
SAP Fiori Client是德国思爱普(SAP)公司的一款用于在移动设备上运行SAP Fiori启动板的客户端程序。 SAP Fiori Client中存在安全漏洞。攻击者可利用该漏洞在嵌入的日志阅读器中执行恶意的JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A