Unrated severityNVD Advisory· Published Dec 12, 2023· Updated Aug 2, 2024
Cross-Site Scripting (XSS) vulnerability in the SAP HCM (SMART PAYE solution)
CVE-2023-49577
Description
The SAP HCM (SMART PAYE solution) - versions S4HCMCIE 100, SAP_HRCIE 600, SAP_HRCIE 604, SAP_HRCIE 608, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.
Affected products
2- Range: S4HCMCIE 100, SAP_HRCIE 600, SAP_HRCIE 604, SAP_HRCIE 608
- SAP_SE/SAP HCM (SMART PAYE solution)v5Range: S4HCMCIE 100
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.