CVE-2018-2463

Name of the Vulnerable Software and Affected Versions SAP Hybris Commerce versions 6.*

Description The issue is related to a misconfiguration of the XML parser used in the server-side implementation of the Omni Commerce Connect API (OCC), making it vulnerable to server-side request forgery (SSRF) attacks.

Recommendations For SAP Hybris Commerce versions 6.*, reconfigure the XML parser to prevent SSRF attacks.