The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment. When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the entity loops to slow down the browser.
References
Link | Resource |
---|---|
https://me.sap.com/notes/3369680 | Permissions Required |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2023-09-12T01:59:03.570Z
Updated: 2023-09-12T01:59:03.570Z
Reserved: 2023-08-29T05:27:56.301Z
Link: CVE-2023-41369
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T02:15:12.983
Modified: 2023-09-14T02:11:35.203
Link: CVE-2023-41369
JSON object: View
Redhat Information
No data.
CWE