PT-2020-19055 · SAP · SAP Solution Manager

Published: 2020-06-10 · Updated: 2020-06-16 · CVE-2020-6260

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions

SAP Solution Manager (Trace Analysis) version 7.20

Description

The issue allows an attacker to inject superfluous data that the application then displays, due to incomplete XML validation. As a result, the application shows additional data that does not actually exist.

Recommendations

For SAP Solution Manager (Trace Analysis) version 7.20, consider tightening input validation to prevent superfluous data injection until a patch is available. As a temporary workaround, review and validate all XML data to ensure it conforms to expected formats and does not contain malicious input.


Related Identifiers

CVE-2020-6260

Affected Products

SAP Solution Manager