PT-2026-2329 · Sap · Sap Fiori App Intercompany Balance Reconciliation
Published
2026-01-12
·
Updated
2026-01-13
·
CVE-2026-0493
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SAP Fiori App Intercompany Balance Reconciliation (affected versions not specified)
Description
A Cross-Site Request Forgery (CSRF) issue exists in SAP Fiori App Intercompany Balance Reconciliation. An attacker may be able to perform actions that alter system state by using an unexpected request type. This deviation from expected request behavior could allow an attacker to perform actions on behalf of a logged-in user. This has a low impact on system integrity and does not affect confidentiality or availability.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Fiori App Intercompany Balance Reconciliation