CVE-2024-42378

Name of the Vulnerable Software and Affected Versions SAP S/4HANA eProcurement (affected versions not specified)

Description The issue is due to weak encoding of user-controlled inputs, allowing malicious scripts to be executed in the application. This can potentially lead to a Reflected Cross-Site Scripting (XSS) issue, having some minor impact on the application's confidentiality and integrity, but no impact on its availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.