Unrated severityNVD Advisory· Published Mar 8, 2022· Updated Aug 3, 2024
CVE-2022-24399
CVE-2022-24399
Description
The SAP Focused Run (Real User Monitoring) - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 200, 300
- SAP SE/SAP Focused Run (Real User Monitoring)v5Range: < 200
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/167559/SAP-FRUN-2.00-3.00-Cross-Site-Scripting.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2022/Jun/37mitremailing-listx_refsource_FULLDISC
- dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htmmitrex_refsource_MISC
- launchpad.support.sap.commitrex_refsource_MISC
News mentions
0No linked articles in our index yet.