CVE-2020-6206

Summary

SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Cloud Platform Integration for Data Services< 1.0affected

Weaknesses

  • Cross Site Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References