1 results (0.003 seconds)
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29613
https://notcve.org/view.php?id=CVE-2022-29613
11 May 2022 — Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number. On successful exploitation, the attacker can view personal details of other users causing a limited impact on confidentiality of the application. Debido a una comprobación de entrada insuficiente, SAP Employee Self Service permite a un atacante autenticado con privilegios de usuario alterar el número de empleado. Si es explotado con éxito, el atacante puede visualiz... • https://launchpad.support.sap.com/#/notes/3164677 • CWE-20: Improper Input Validation •