CVE-2024-34686

Name of the Vulnerable Software and Affected Versions SAP CRM WebClient UI (affected versions not specified)

Description The issue arises due to insufficient input validation, allowing an unauthenticated attacker to craft a URL link that embeds a malicious script. When a victim clicks on this link, the script is executed in the victim's browser, giving the attacker the ability to access and/or modify information without affecting the application's availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.