CVE-2024-37173

CVSS V2 None CVSS V3 None
Description
Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.
Overview
  • CVE ID
  • CVE-2024-37173
  • Assigner
  • sap
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-07-09T03:57:15.928Z
  • Last Modified Date
  • 2024-07-09T03:57:15.928Z
History
Created Old Value New Value Data Type Notes
2024-07-09 13:06:40 Added to TrackCVE