Sap_se Sap Business Connector
7 CVEs affecting Sap_se Sap Business Connector. Latest disclosed: 2026-01-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-42894 | Medium | 6.8 | 2025-11-11 | Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrit… |
CVE-2025-42892 | Medium | 6.8 | 2025-11-11 | Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could… |
CVE-2026-0514 | Medium | 6.1 | 2026-01-13 | Due to a Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting use… |
CVE-2025-42893 | Medium | 6.1 | 2025-11-11 | Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirec… |
CVE-2025-42886 | Medium | 6.1 | 2025-11-11 | Due to a Reflected Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it… |
CVE-2024-30215 | Medium | 4.8 | 2024-04-09 | The Resource Settings page allows a high privilege attacker to load exploitable payload to be stored and reflected whenever a User visits the page. In a succes… |
CVE-2024-30214 | Medium | 4.8 | 2024-04-09 | The application allows a high privilege attacker to append a malicious GET query parameter to Service invocations, which are reflected in the server response… |