Vulnerabilities

CVE-2020-6210

by Fred · 10/03/2020

SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting (XSS) vulnerability.

Date published : 2020-03-10

https://launchpad.support.sap.com/#/notes/2864462

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305

Similar

Tags: Cybersecurity Alert