SAP Disclosure Management before 10.1 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability
SAP Disclosure Management before 10.1 suffers from improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability
The information has been provided by Deniz Cevik
The original article can be found at:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533671771
SAP Disclosure Management, before version 10.1, does not validate user input properly in specific use cases leading to Cross-Site Scripting.
SAP Disclosure Management before version 10.1