Описание
SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forgery, which could be used to trick user in to browsing malicious site.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:disclosure_management:10.1:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00101
Низкий
4.3 Medium
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
больше 3 лет назад
SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forgery, which could be used to trick user in to browsing malicious site.
EPSS
Процентиль: 28%
0.00101
Низкий
4.3 Medium
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352