CVE-2023-0024

Name of the Vulnerable Software and Affected Versions SAP Solution Manager (BSP Application) version 720

Description The issue allows an authenticated attacker to craft a malicious link. When clicked by an unsuspecting user, this link can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources, resulting in a Cross-Site Scripting issue.

Recommendations For SAP Solution Manager (BSP Application) version 720, consider disabling the feature that allows users to click on crafted links until a patch is available. Restrict access to sensitive information and resources to minimize the risk of exploitation. Avoid using the application until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.