The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NSap S\/4hana
APPSap100101102103104105106
Related vulnerabilities
SAP CRM / S/4HANA Scripting Editor — nieautoryzowane wykonanie SQL
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does ...
Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call N...
Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), a...
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messa...