Posted by ERPScan inc on Jul 15

Application: SAP xMII

Versions Affected: SAP xMII 15

Vendor URL: http://SAP.com

Bugs: XSS

Sent: 04.12.2015

Reported: 05.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 12.04.2016

Reference: SAP Security Note 2201295

Author: Nursultan Abubakirov (ERPScan) , Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP xMII – Reflected XSS vulnerability

Advisory ID: [ERPSCAN-16-021]

Risk: medium

Advisory…