Описание
SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the confidentiality and integrity of the application without affecting the availability.
EPSS
4.6 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the confidentiality and integrity of the application without affecting the availability.
Уязвимость функции OData программной платформы SAP S/4HANA, позволяющая нарушителю оказывать влияние на целостность и конфиденциальность защищаемой информации
EPSS
4.6 Medium
CVSS3