mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
2.0 KiB
2.0 KiB
CVE-2024-37174
Description
Custom CSS support option in SAP CRM WebClientUI does not sufficiently encode user-controlled inputs resulting in Cross-SiteScripting vulnerability. On successful exploitation an attacker can causelimited impact on confidentiality and integrity of the application.
POC
Reference
No PoCs from references.