Cross-Site Request Forgery in SAP CRM Java Component
CVE-2017-15296
8.8HIGH
What is CVE-2017-15296?
The Java component in SAP CRM is susceptible to a Cross-Site Request Forgery (CSRF) attack, which can allow unauthorized actions to be performed on behalf of an authenticated user. This vulnerability highlights the importance of implementing proper security measures such as anti-CSRF tokens to protect sensitive transactions within the SAP environment. For detailed information, refer to SAP Security Note 2478964 and advisory from ERPScan.