Insufficient URL Validation in SAP Fiori for SAP S/4HANA: A Potential for Malicious Site Redirection
CVE-2020-6266 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a malicious site due to insufficient URL validation, leading to URL Redirection.
Learn more about our User Device Pen Test.