Vulnerabilities

CVE-2022-39799

by Fred · 13/09/2022

An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user.

Date published : 2022-09-13

https://github.com/cla-assistant/cla-assistant/security/advisories/GHSA-jjjv-grgr-v8h3

https://launchpad.support.sap.com/#/notes/3229820

Similar

Tags: Cybersecurity Alert