SAP Solution Manager version 7.20 XML Injection (aka Blind XPath Injection) Vulnerability
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation.
The information has been provided by Vendor
The original article can be found at:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=547426775
The application shows additional data that do not actually exist.
SAP Solution Manager version 7.20