Sap Business_connector
7 CVEs affecting Sap Business_connector. Latest disclosed: 2026-01-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-42894 | Medium | 6.8 | 2025-11-11 | Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrit… |
CVE-2025-42892 | Medium | 6.8 | 2025-11-11 | Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could… |
CVE-2026-0514 | Medium | 6.1 | 2026-01-13 | Due to a Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting use… |
CVE-2025-42893 | Medium | 6.1 | 2025-11-11 | Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirec… |
CVE-2025-42886 | Medium | 6.1 | 2025-11-11 | Due to a Reflected Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it… |
CVE-2006-0732 | | 2006-02-16 | Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName paramet… | |
CVE-2006-0731 | | 2006-02-16 | WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in… |