CVE-2024-22130

Name of the Vulnerable Software and Affected Versions SAP CRM WebClient UI versions S4FND 102 through S4FND 108 SAP CRM WebClient UI versions WEBCUIF 700 through WEBCUIF 801

Description The print preview option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting issue. An attacker with low privileges can cause limited impact to confidentiality and integrity of the application data after successful exploitation.

Recommendations For SAP CRM WebClient UI versions S4FND 102 through S4FND 108, update to a version that includes the fix for this issue. For SAP CRM WebClient UI versions WEBCUIF 700 through WEBCUIF 801, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling the print preview option in the SAP CRM WebClient UI until a patch is available.