VYPR
Unrated severityNVD Advisory· Published Jun 13, 2014· Updated Jun 17, 2026

CVE-2014-4161

CVE-2014-4161

Description

Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.

Affected products

2
  • cpe:2.3:a:sap:supplier_relationship_management:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sap:supplier_relationship_management:-:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.