Sap Se Sap Fiori vulnerabilities

CVE-2025-42941 [LOW] CWE-1022 CVE-2025-42941: SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external n SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link () elements. An attacker with administrative user privileges could exploit this by leveraging compromised or malicious pages. While administrative access is necessary for certain configurations, the attacker does not n

CVE-2020-6283 [MEDIUM] CWE-79 CVE-2020-6283: SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the atta SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting (XSS) vulnerability. With a successful attack, the attacker can steal authentication information of the user, such as data rel