Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-0023

Опубликовано: 10 янв. 2023
Источник: nvd
CVSS3: 4.5
CVSS3: 5.7
EPSS Низкий

Описание

In SAP Bank Account Management (Manage Banks) application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL. They might get captured in log files, bookmarks, and so on disclosing sensitive data of the application.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:bank_account_management:800:*:*:*:*:*:*:*
cpe:2.3:a:sap:bank_account_management:900:*:*:*:*:*:*:*

EPSS

Процентиль: 40%
0.00183
Низкий

4.5 Medium

CVSS3

5.7 Medium

CVSS3

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-698h-8x23-xm39

CVSS3: 5.7
github
около 3 лет назад

In SAP Bank Account Management (Manage Banks) application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL. They might get captured in log files, bookmarks, and so on disclosing sensitive data of the application.

EPSS

Процентиль: 40%
0.00183
Низкий

4.5 Medium

CVSS3

5.7 Medium

CVSS3

Дефекты

CWE-200