CVE-2014-4161
Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0029 (0.3%)
Percentil: 51.9%
EPSS: 2026-05-06
Afecta
sap:supplier_relationship_managementDescripción técnica
Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Publicada: 13/6/2014, 14:55:18
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://blog.emaze.net/2014/05/sap-multiple-vulnerabilities.html
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/58889
- https://service.sap.com/sap/support/notes/1946420
- http://blog.emaze.net/2014/05/sap-multiple-vulnerabilities.html
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/58889
- https://service.sap.com/sap/support/notes/1946420