Read Time:23 Second
Posted by Onapsis Research via Fulldisclosure on Jun 21
# Onapsis Security Advisory 2022-0005: Cross-Site Scripting (XSS)
vulnerability in SAP Fiori launchpad
## Impact on Business
Impact depends on the victim’s privileges. In most cases, a successful
attack
allows an attacker to hijack a session, or force the victim to perform
undesired
requests in the SAP System (CSRF) as well as redirected to arbitrary web
site
(Open Redirect).
## Advisory Information
– Public Release Date: 06/21/2022
-…