Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24528 | 1 Sap | 1 Fiori | 2023-12-10 | N/A | 6.5 MEDIUM |
| SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data. This endpoint is normally exposed over the network and successful exploitation can lead to exposure of data like travel documents. | |||||
| CVE-2020-6266 | 1 Sap | 1 Fiori | 2023-12-10 | 4.9 MEDIUM | 5.4 MEDIUM |
| SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a malicious site due to insufficient URL validation, leading to URL Redirection. | |||||
| CVE-2018-2474 | 1 Sap | 1 Fiori | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection. | |||||