NuytsTech Security

CVE-2018-2474

by ·

SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection.

Date published : 2018-10-09

http://www.securityfocus.com/bid/105534

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095

Tags: