Posted by Onapsis Research Team on Sep 29

Onapsis Security Advisory 2015-017: SAP HANA XSJS Code Injection in
test-net.xsjs

1. Impact on Business
=====================

By exploiting this vulnerability a remote authenticated attacker would
be able to
partially compromise the SAP system as well as all the information
processed and stored in the HANA system.

Risk Level: Medium

2. Advisory Information
=======================

– Public Release Date: 09/29/2015
– Last Revised: 09/29/2015
-…