CVE-2018-2474

SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:fiori:1.0:*:*:*:*:erp_hcm:*:*

History

No history.

Information

Published : 2018-10-09 13:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-2474

Mitre link : CVE-2018-2474

CVE.ORG link : CVE-2018-2474


JSON object : View

Products Affected

sap

  • fiori
CWE
CWE-352

Cross-Site Request Forgery (CSRF)