Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2023-41369

The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, 107, 108, allows an attacker to upload the XML file as an attachment. When clicked on the XML file in the attachment section, the file gets opened in the browser to cause the entity loops to slow down the browser.

  • Published: Sep 12, 2023
  • Updated: Sep 15, 2023
  • CVE: CVE-2023-41369
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWEs:

OWASP TOP 10:

Software From Fixed in
sap / s/4_hana 102 102.x
sap / s/4_hana 103 103.x
sap / s/4_hana 104 104.x
sap / s/4_hana 105 105.x
sap / s/4_hana 101 101.x
sap / s/4_hana 106 106.x
sap / s/4_hana 107 107.x
sap / s/4_hana 100 100.x
sap / s/4_hana 108 108.x