CVE-2023-24525
SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application.
| Software | From | Fixed in |
|---|---|---|
| sap / customer_relationship_management_webclient_ui | 7.01 | 7.01.x |
| sap / customer_relationship_management_webclient_ui | 7.31 | 7.31.x |
| sap / customer_relationship_management_webclient_ui | 7.48 | 7.48.x |
| sap / customer_relationship_management_webclient_ui | 8.00 | 8.00.x |
| sap / customer_relationship_management_webclient_ui | 8.01 | 8.01.x |
| sap / customer_relationship_management_webclient_ui | 7.00 | 7.00.x |
| sap / customer_relationship_management_webclient_ui | 7.02 | 7.02.x |
| sap / customer_relationship_management_webclient_ui | 7.40 | 7.40.x |
| sap / customer_relationship_management_webclient_ui | 7.50 | 7.50.x |
| sap / customer_relationship_management_webclient_ui | 7.52 | 7.52.x |
| sap / s4fnd | 1.02 | 1.02.x |
| sap / s4fnd | 1.03 | 1.03.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime