Cross-Site Scripting (XSS) Vulnerability in SAP CRM WebClient UI and S4FND

Cross-Site Scripting (XSS) Vulnerability in SAP CRM WebClient UI and S4FND

CVE-2018-2364 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site Scripting (XSS) vulnerability.

Learn more about our Web App Pen Testing.