CVE-2022-41207

SAP Biller Direct allows an unauthenticated attacker to craft a legitimate looking URL. When clicked by an unsuspecting victim, it will use an unsensitized parameter to redirect the victim to a malicious site of the attacker's choosing which can result in disclosure or modification of the victim's information.
Configurations

Configuration 1

cpe:2.3:a:sap:biller_direct:750:*:*:*:*:*:*:*
cpe:2.3:a:sap:biller_direct:635:*:*:*:*:*:*:*

Information

Published : 2022-11-08 10:15

Updated : 2022-11-09 03:51


NVD link : CVE-2022-41207

Mitre link : CVE-2022-41207

Products Affected
No products.
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')