Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities in BSP Applications of SAP Document Management System
Vulnerability Description
The BSP applications allow an unauthenticated user to manipulate user-controlled URL parameters that are not sufficiently validated. This could result in unvalidated redirection to attacker-controlled websites, leading to a low impact on confidentiality and integrity, and no impact on the availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
SAP E-Recruiting BSP 跨站脚本漏洞
Vulnerability Description
SAP E-Recruiting BSP是德国思爱普(SAP)公司的一个招聘流程管理模块。 SAP E-Recruiting BSP存在跨站脚本漏洞,该漏洞源于用户控制的URL参数验证不足,可能导致未经验证的重定向到攻击者控制的网站。
CVSS Information
N/A
Vulnerability Type
N/A