Insufficient URL Validation in SAP Solution Manager 720 Allows for User Redirection to Malicious Sites

Insufficient URL Validation in SAP Solution Manager 720 Allows for User Redirection to Malicious Sites

CVE-2023-23855 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to read or modify the information or expose the user to a phishing attack. As a result, it has a low impact to confidentiality, integrity and availability.

Learn more about our Phishing Simulation.