Vulnerability CVE-2024-39594
Published: 2024-07-09

Description:
SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user controlled inputs,
resulting in Reflected Cross-Site Scripting (XSS) vulnerability. After
successful exploitation, an attacker can cause low impact on the confidentiality
and integrity of the application.

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://url.sap/sapsecuritypatchday
https://me.sap.com/notes/3482217
Copyright 2026, cxsecurity.com

 

Back to Top