GHSA-p5pq-x82g-r5vj
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
Due to insufficient input validation, SAP
CRM WebClient UI allows an unauthenticated attacker to craft a URL link which
embeds a malicious script. When a victim clicks on this link, the script will
be executed in the victim's browser giving the attacker the ability to access
and/or modify information with no effect on availability of the application.
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: September 7, 2025 6:30 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.