SAP Electronic Ledger Management for Turkey Cross Site Request Forgery Vulnerability



SAP Electronic Ledger Management for Turkey is prone to an unspecified cross-site request-forgery vulnerability because the application fails to properly validate HTTP requests.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.

SAP Electronic Ledger Management for Turkey 1.0 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 100712
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Sep 12 2017 12:00AM
Updated: Sep 12 2017 12:00AM
Credit: The vendor reported this issue.
Vulnerable:

Not Vulnerable:

Exploit


An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.


Related Posts