Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1512106-3)
SAP Support Packages
(SAPK-40013INCRMIS, SAPK-52012INCRMUIF, SAPK-60011INCRMUIF, SAPK-70009INWEBCUIF, SAPK-70103INWEBCUIF, SAPK-73001INWEBCUIF, SAPKA70024)
Описание
Interaction Center executes certain functions through referencing specific URLs. When an attacker tricks an authenticated user's browser into making a request containing a certain URL and specific parameters, the function is executed with the rights of the user.
If present, the attacker may use a Cross Site Scripting attack to trigger the exploit, or use an approach in which a link to click is presented to the victim.
If present, the attacker may use a Cross Site Scripting attack to trigger the exploit, or use an approach in which a link to click is presented to the victim.
Как исправить
Implement the following correction instructions.
Ссылки