A vulnerability was found in SAP CRM WebClient UI 105/106/S4FND 104 and classified as problematic. This issue affects some unknown processing. The manipulation results in permissive cross-domain policy with untrusted domains.
| Vendor | Product | Versions |
|---|---|---|
| sap | sap crm (webclient ui) | S4FND 104, 105, 106 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| sap | sap software | cert_advisory | 90% |
Updated description with new details about the cross-domain policy issue and marked the vulnerability as actively exploited.
Initial creation