The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment. When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the entity loops to slow down the browser.
History

Wed, 25 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2023-09-12T01:59:03.570Z

Updated: 2024-09-25T15:33:02.395Z

Reserved: 2023-08-29T05:27:56.301Z

Link: CVE-2023-41369

cve-icon Vulnrichment

Updated: 2024-08-02T19:01:34.245Z

cve-icon NVD

Status : Modified

Published: 2023-09-12T02:15:12.983

Modified: 2024-11-21T08:21:10.440

Link: CVE-2023-41369

cve-icon Redhat

No data.