SAP.CFolders.XSS
Description
This indicates an attack attempt against a Cross Site Scripting vulnerability in SAP cFolders.
The vulnerability is a result of the user input filter's failure to properly sanitize the "p_current_role" parameter that is passed to "col_table_filter.htm". An attacker may include javascript code by supplying an injection string through the URL.
Affected Products
SAP cFolders
Impact
Information Disclosure.
Recommended Actions
Refer to the vendor's web site for a suggested workaround.
https://websmp230.sap-ag.de/sap/support/notes/1284360
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |