← Back

Business One On Hana

business_one_on_hana

Vendor: Sap • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-2502
1Sap
1Business One On Hana
Nov 21, 2024
Dec 11, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
TRACE method is enabled in SAP Business One Service Layer . Attacker can use XST (Cross Site Tracing) attack if frontend applications that are using Service Layer has a XSS vulnerability. This has been fixed in SAP Busin...Show more
TRACE method is enabled in SAP Business One Service Layer . Attacker can use XST (Cross Site Tracing) attack if frontend applications that are using Service Layer has a XSS vulnerability. This has been fixed in SAP Business One Service Layer (B1_ON_HANA, versions 9.2, 9.3).Show less