The SAP Application Interface (Message Monitoring) - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limited impact on the confidentiality and integrity of the application.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-04-11T03:03:09.047Z

Updated: 2024-08-02T14:00:15.216Z

Reserved: 2023-03-31T10:01:53.360Z

Link: CVE-2023-29112

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-04-11T04:16:08.247

Modified: 2024-11-21T07:56:34.367

Link: CVE-2023-29112

cve-icon Redhat

No data.