Insufficient URL Validation in SAP S/4HANA Manage Catalog Items and Cross-Catalog Searches Fiori Apps

Insufficient URL Validation in SAP S/4HANA Manage Catalog Items and Cross-Catalog Searches Fiori Apps

CVE-2023-40306 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity.

Learn more about our User Device Pen Test.