Medium severity5.4NVD Advisory· Published Jun 15, 2017· Updated Jun 17, 2026
CVE-2017-9613
CVE-2017-9613
Description
Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors before b1705.1234962 allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:sap:successfactors:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sap:successfactors:*:*:*:*:*:*:*:*range: <=b1702p5e.1190658
- (no CPE)range: < b1705.1234962
Patches
Vulnerability mechanics
References
4- seclists.org/bugtraq/2017/Jun/27nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/99072nvdThird Party AdvisoryVDB Entry
- packetstormsecurity.com/files/142952/SAP-Successfactors-b1702p5e.1190658-Cross-Site-Scripting.htmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/540731/100/0/threadednvd
News mentions
0No linked articles in our index yet.