source: http://www.securityfocus.com/bid/16671/info
SAP Business Connector is susceptible to an input-validation vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input.
This issue allows remote attackers to execute phishing-style attacks against targeted SAP Business Connector administrators.
The following URI example demonstrates this issue:
http://www.example.com/WmRoot/adapter-index.dsp?url=http://www.attacker.com/
京公网安备 11010502034610号
暂无评论