Open Redirect in Sap_se Sap S/4hana Landscape (Sap E-recruiting Bsp)

CVE-2025-42924

SAP S/4HANA landscape SAP E-Recruiting BSP allows an unauthenticated attacker to craft malicious links, when clicked the victim could be redirected to the page controlled by the attacker. This has low impact on confidentiality and integrit…

Vulnerability class: Open Redirect

EPSS: 0.002 (8.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-42924?
CVE-2025-42924 is a medium-severity vulnerability in Sap_se Sap S/4hana Landscape (Sap E-recruiting Bsp), classified under URL Redirection to Untrusted Site (Open Redirect). CVSS score: 6.1/10. Published 2025-11-11.
How severe is CVE-2025-42924?
Medium severity. CVSS v3 base score is 6.1 out of 10.