CVE-2023-40306
published 2023-09-08CVE-2023-40306: SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps allow an attacker to redirect users to a malicious site due to insufficient URL validation. As a result, it may have a slight impact on confidentiality and integrity.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | s_4hana | — | — |
| sap | s_4hana | — | — |
| sap | s_4hana | — | — |
| sap | s_4hana | — | — |
| sap_se | sap_s_4hana | — | — |
| sap_se | sap_s_4hana | — | — |
| sap_se | sap_s_4hana | — | — |
| sap_se | sap_s_4hana | — | — |