CVE-2024-42378

CVSS V2 None CVSS V3 None
Description
Due to weak encoding of user-controlled inputs, eProcurement on SAP S/4HANA allows malicious scripts to be executed in the application, potentially leading to a Reflected Cross-Site Scripting (XSS) vulnerability. This has no impact on the availability of the application, but it can have some minor impact on its confidentiality and integrity.
Overview
  • CVE ID
  • CVE-2024-42378
  • Assigner
  • sap
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-09-10T02:41:47.517Z
  • Last Modified Date
  • 2024-09-10T02:41:47.517Z
History
Created Old Value New Value Data Type Notes
2024-09-10 13:11:40 Added to TrackCVE