Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1682054-2)
SAP Support Packages
(SAPK-70203INSRMSRV)
Описание
The BSP applications using an extension tag relies on this proper encoding. Missing or improper encoding within an extension may lead to XSS vulnerabilities in the BSP applications using the extension.
The BSP tags of BSP extension SRMSUS might be misused in clients modifications because of missing encoding of _ALL_ attribute values passed to this extension.
The BSP tags of BSP extension SRMSUS might be misused in clients modifications because of missing encoding of _ALL_ attribute values passed to this extension.
Как исправить
Ссылки