Vulnerability in Sap Business_connector

CVE-2006-0731

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.

EPSS: 0.027 (84.3th percentile) — read the EPSS interpretation.

Affected products

References