CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-0514

Due to a Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to access or modify information related to the webclient, impacting confidentiality and integrity, with no effect on availability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.8%

CVSS Severity

CVSS v3 Score 6.1

References

https://me.sap.com/notes/3666061
https://url.sap/sapsecuritypatchday

Products affected by CVE-2026-0514

Sap » Business Connector » Version: 4.8

cpe:2.3:a:sap:business_connector:4.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-0514

Products

Pricing

Contact Us