Sap: >> Document Management System >> 600 Security Vulnerabilities
The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the injected script is executed in the victim�s browser, leading to a low impact on confidentiality and integrity, and no impact on the availability of the application.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-02-10
The BSP applications allow an unauthenticated user to manipulate user-controlled URL parameters that are not sufficiently validated. This could result in unvalidated redirection to attacker-controlled websites, leading to a low impact on confidentiality and integrity, and no impact on the availability of the application.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-02-10