Unrated severityNVD Advisory· Published Jul 9, 2024· Updated Aug 2, 2024

[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation

CVE-2024-39594

Description

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause low impact on the confidentiality and integrity of the application.

Affected products

SAP Se/Sap Business Warehouse Business Planning And Simulationv5
Range: SAP_BW 700

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

me.sap.com/notes/3482217mitre
url.sap/sapsecuritypatchdaymitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000