Unrated severityNVD Advisory· Published Jul 9, 2024· Updated Aug 2, 2024

[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation

CVE-2024-39595

Description

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user-controlled inputs, resulting in Stored Cross-Site Scripting (XSS) vulnerability. This vulnerability allows users to modify website content and on successful exploitation, an attacker can cause low impact to the confidentiality and integrity of the application.

Affected products

SAP Se/Sap Business Warehouse Business Planning And Simulationv5
Range: SAP_BW 700

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

me.sap.com/notes/3482217mitre
url.sap/sapsecuritypatchdaymitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000