CVE-2020-6266

Summary

SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a malicious site due to insufficient URL validation, leading to URL Redirection.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Fiori for SAP S/4HANA< 200affected
SAP SESAP Fiori for SAP S/4HANA< 300affected
SAP SESAP Fiori for SAP S/4HANA< 400affected
SAP SESAP Fiori for SAP S/4HANA< 500affected

Weaknesses

  • URL Redirection

ADP Enrichment

CVE Program Container

Additional References

References