CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors

From: dunstan.pinto@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors
Date:


CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors

Severity: High

Vendor: SAP

Versions Affected: SAP successfactors - Release build b1702p5e.1190658

Description: Stored Cross-site scripting (XSS) vulnerability in SAP Successfactors allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality.

Resolution: SAP has fixed this in Release build b1705.1234962





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.