CVE-2025-42941

Name of the Vulnerable Software and Affected Versions: SAP Fiori (Launchpad) (affected versions not specified)

Description: SAP Fiori (Launchpad) is susceptible to a Reverse Tabnabbing issue stemming from insufficient external navigation protection for its link elements (<a>). An attacker with administrative user privileges could exploit this by leveraging compromised or malicious pages. The attacker does not require administrative privileges to execute the attack in certain configurations. This could lead to unintended manipulation of user sessions or exposure of sensitive information. The issue impacts the confidentiality and integrity of the system, but availability remains unaffected.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.