Insufficient URL Validation in SAP S/4HANA Manage Catalog Items and Cross-Catalog Searches Fiori Apps
CVE-2023-40306 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity.
Learn more about our User Device Pen Test.