SAP Successfactors release build b1702p5e.1190658 suffers from a stored cross site scripting vulnerability.
b54e1dd8507e439c7eeb1399d63a933c
CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors
Severity: High
Vendor: SAP
Versions Affected: SAP successfactors - Release build b1702p5e.1190658
Description: Stored Cross-site scripting (XSS) vulnerability in SAP Successfactors allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality.
Resolution: SAP has fixed this in Release build b1705.1234962