SAP CRM WebClient Cross-Site Scripting Vulnerability
CVE-2024-37174
6.1MEDIUM
What is CVE-2024-37174?
Custom CSS support option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting vulnerability. On successful exploitation an attacker can cause limited impact on confidentiality and integrity of the application.
Affected Version(s)
SAP CRM WebClient UI S4FND 102
SAP CRM WebClient UI S4FND 102
SAP CRM WebClient UI S4FND 103