Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2020-6206

Description

SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery.

POC

Reference

- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305

Github

No PoCs found on GitHub currently.