Security Advisory

CVE-2018-2474

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-09 13:00:00

Last updated 2024-08-05 04:21:34

Assigner sap

State PUBLISHED

Description

SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection.

← Browse all CVEs View on cve.org ↗