Unrated severityNVD Advisory· Published Sep 12, 2023· Updated Sep 25, 2024
External Entity Loop vulnerability in SAP S/4HANA (Create Single Payment application)
CVE-2023-41369
Description
The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment. When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the entity loops to slow down the browser.
Affected products
2- SAP_SE/SAP S/4HANA (Create Single Payment application)v5Range: 100
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.