CVE-2024-37178

Name of the Vulnerable Software and Affected Versions SAP Financial Consolidation (affected versions not specified)

Description The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. The affected endpoints are exposed over the network, and the vulnerability can exploit resources beyond the vulnerable component. On successful exploitation, an attacker can cause limited impact to the confidentiality of the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.