PT-2024-9880 · Sap · Sap Business Warehouse - Business Planning/Simulation
Published
2024-07-08
·
Updated
2025-10-28
·
CVE-2024-39595
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
SAP Business Warehouse - Business Planning and Simulation (affected versions not specified)
Description:
The issue is related to Stored Cross-Site Scripting (XSS) due to insufficient encoding of user-controlled inputs. This allows users to modify website content, and upon successful exploitation, an attacker can cause low impact to the confidentiality and integrity of the application. The vulnerability can be exploited by a remote attacker to conduct cross-site scripting attacks.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Business Warehouse - Business Planning/Simulation