cvedb.io
CVE-2023-29112
LOW · CVSS 3.7
EPSS exploitation probability: 0%
Published 2023-04-11T04:16:08.247 · Last modified 2026-06-17T05:49:23.213

Summary

The SAP Application Interface (Message Monitoring) - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limited impact on the confidentiality and integrity of the application.

Affected products

sap — application_interface

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.