SAP TranslationSupport Application XML External Entity Injection Vulnerability

SAP TranslationSupport application is prone to an XML External Entity injection vulnerability.

Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.

Information

Bugtraq ID: 97573
Class: Unknown
CVE:
Remote: Yes
Local: No
Published: Apr 11 2017 12:00AM
Updated: Apr 18 2017 12:04AM
Credit: The vendor reported this issue.
Vulnerable: SAP TranslationSupport application 0

Not Vulnerable:

References:

• SAP Homepage (SAP)
  
• SAP Security Note-2400292 (SAP)
  
• SAP Security Patch Day â?? April 2017 (SAP)
  

Source: www.securityfocus.com