PT-2023-20650 · Sap · Sap Content Server

Published: 2023-03-14 · Updated: 2023-11-02 · CVE-2023-26457

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: SAP Content Server version 7.53

Description: The issue results from insufficient encoding of user-controlled inputs, leading to a Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can read and modify some sensitive information but cannot delete the data.

Recommendations: For SAP Content Server version 7.53, consider implementing proper input encoding to prevent Cross-Site Scripting (XSS) attacks. As a temporary workaround, restrict access to sensitive information and monitor for any suspicious activity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-26457

Affected Products

Sap Content Server