CVE-2024-22129 – Cross-Site Scripting (XSS) vulnerability in SAP Companion

https://notcve.org/view.php?id=CVE-2024-22129

13 Feb 2024 — SAP Companion - version <3.1.38, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information and cause minor impact on the integrity of the web application. SAP Companion: versión <3.1.38, tiene una URL con un parámetro que podría ser vulnerable a un ataque XSS. El atacante podría enviar un enlace malicioso a un usuario que posiblemente le permitiría recuperar información co... • https://me.sap.com/notes/3404025 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •