CVE-2006-0731

Name of the Vulnerable Software and Affected Versions SAP Business Connector Core Fix versions prior to 8

Description The issue allows remote attackers to conduct spoofing attacks via an absolute URL in the url parameter, which loads the URL inside a frame. This can be exploited by providing a malicious absolute URL.

Recommendations For SAP Business Connector Core Fix versions prior to 8, update to a version newer than 7 to resolve the issue. As a temporary workaround, consider restricting access to the url parameter in the WmRoot/adapter-index.dsp to minimize the risk of exploitation.