CVE-2024-37173

Name of the Vulnerable Software and Affected Versions SAP CRM WebClient UI (affected versions not specified)

Description The issue is due to insufficient input validation, allowing an unauthenticated attacker to craft a URL link that embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser, giving the attacker the ability to access and/or modify information with no effect on the availability of the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.