Symptom
Vendavo application could be vulnerable to stored cross site scripting attacks that can be exploited by an authenticated user.
Affected Parameter:callback
** Vendavo are aware of the issue and have created JIRA VEN-44117
Read more...
Environment
Vendavo Product | Version |
SAP Price and Margin Management | < 8.3.0 |
Product
SAP Price and Margin Management 5.2 by Vendavo ; SAP Price and Margin Management 5.3 by Vendavo ; SAP Price and Margin Management 6.0 by Vendavo ; SAP Price and Margin Management 6.5 by Vendavo for SAP NetWeaver 2004 ; SAP Price and Margin Management 6.5 by Vendavo for SAP NetWeaver 7.0 ; SAP Price and Margin Management 6.5.1 by Vendavo for SAP NetWeaver 2004 ; SAP Price and Margin Management 6.5.1 by Vendavo for SAP NetWeaver 2004s ; SAP Price and Margin Management 6.7 by Vendavo ; SAP Price and Margin Management 7.0 by Vendavo ; SAP Price and Margin Management 7.1 by Vendavo ; SAP Price and Margin Management 7.5 by Vendavo ; SAP Price and Margin Management 7.6 by Vendavo ; SAP Price and Margin Management 8.0 by Vendavo ; SAP Price and Margin Management 8.1 by Vendavo ; SAP Price and Margin Management 8.2 by Vendavo
Keywords
Vendavo, scripting, vulnerability, cross script, scripting, XSS, malicious, browser, HTML, cookies, session tokens, sensitive , KBA , XX-PART-PMM , Vendavo Price + Margin Mgmt. , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.