Unrated severityNVD Advisory· Published Oct 11, 2022· Updated May 20, 2025
CVE-2022-41204
CVE-2022-41204
Description
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allows them to steal credentials and hijack accounts. A successful attack could compromise the Confidentiality, Integrity, and Availability of the system.
Affected products
2- Range: 1905, 2005, 2105, 2011, 2205
- SAP SE/SAP Commercev5Range: 1905
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.