SAP Security Boosted by Onapsis' 37 Patches in 2023, Focusing on XSS Vulnerabilities
SAP has received significant security support from Onapsis Research Labs in 2023, with 37 patches contributed. The year has seen a focus on addressing Cross-Site Scripting (XSS) vulnerabilities and other critical issues.
Onapsis' contributions include six Medium Priority Notes fixing XSS vulnerabilities across various components. Notably, Note #3315971 and its update #3322800 deserve special attention, as they fully address an XSS vulnerability in SAP CRM.
Eight notes were dedicated to patching XSS, the most prevalent vulnerability this year. Other significant contributions include Note #3326210, updated to support SAP NetWeaver 7.58 and patch an Improper Neutralization vulnerability in the sap.m.FormattedText SAPUI5 control, and Note #3102769, providing a workaround for a critical Cross-Site Scripting vulnerability in SAP Knowledge Warehouse.
In June alone, 13 new and updated SAP security patches were released, including four High Priority Notes. Onapsis helped fix a Denial of Service vulnerability in the Transport Management System (Note #3325642). Two High Priority Notes (#3324285 and #3301942) addressed critical XSS vulnerabilities in UI5 Variant Management and SAP Plant Connectivity, respectively.
The collaboration between Onapsis Research Labs and SAP has resulted in a robust response to security threats in 2023. With 37 patches contributed, including those addressing critical XSS vulnerabilities, SAP's systems are better protected.