The Java administration console in SAP CRM has XSS. This is SAP Security Note 2478964.
https://erpscan.io/advisories/erpscan-17-035-xss-crm-administration-console-java/
http://www.securityfocus.com/bid/99532
https://blogs.sap.com/2017/07/11/sap-security-patch-day-july-2017/
Source: Mitre, NVD
Published: 2017-10-16
Updated: 2025-04-20
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Severity: Medium
Base Score: 6.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.00326
