CVE-2021-42063

Name of the Vulnerable Software and Affected Versions SAP Knowledge Warehouse versions 7.30 through 7.50

Description A security issue has been discovered that enables unauthorized attackers to conduct XSS attacks, potentially leading to the disclosure of sensitive data. This is due to the usage of a specific SAP KW component within a Web browser. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the usage of the "SAPIrExtHelp" component, which allows for Reflected XSS attacks.

Recommendations For SAP Knowledge Warehouse versions 7.30 through 7.50, consider disabling the "SAPIrExtHelp" component to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.