PT-2026-39930 · Sap · Taf Applauncher

Published

2026-05-12

·

Updated

2026-05-12

·

CVE-2026-40137

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions SAP TAF APPLAUNCHER within Business Server Pages (affected versions not specified)
Description An unauthenticated attacker can craft malicious links that, when clicked by a victim, redirect them to attacker-controlled sites. This open redirect may expose or alter sensitive information within the victim's browser, impacting confidentiality and integrity.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-40137

Affected Products

Taf Applauncher