Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate looking URL. When clicked by an unsuspecting victim, it will use an unsensitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim's information.
CVSS Information
N/A
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
SAP Biller Direct 输入验证错误漏洞
Vulnerability Description
SAP Biller Direct是德国思爱普(SAP)公司的一个 Web 应用程序。用于在 Internet 门户中展示客户帐户。 SAP Biller Direct存在输入验证错误漏洞,该漏洞源于其允许未经身份验证的攻击者创建一个看起来合法的URL。当不知情的受害者点击时,它将使用一个不敏感的参数将受害者重定向到攻击者选择的恶意网站,这可能导致受害者的信息泄露或修改。
CVSS Information
N/A
Vulnerability Type
N/A