Описание
SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:cloud_platform_integration:1.0:*:*:*:*:data_services:*:*
EPSS
Процентиль: 38%
0.00165
Низкий
4.7 Medium
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery.
EPSS
Процентиль: 38%
0.00165
Низкий
4.7 Medium
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-352