Incomplete XML Validation in SAP Solution Manager Trace Analysis
CVE-2020-6260
6.5MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 10 June 2020
What is CVE-2020-6260?
A vulnerability in SAP Solution Manager (Trace Analysis) version 7.20 allows attackers to inject superfluous data due to incomplete XML validation. This issue can result in the application displaying additional data that does not actually exist, potentially misleading users or compromising data integrity.
Affected Version(s)
SAP Solution Manager (Trace Analysis) < 7.20