Vulnerabilities > SAP > Biller Direct > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-12 | CVE-2023-42479 | Unspecified vulnerability in SAP Biller Direct 635/750 An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system. | 6.1 |
2022-11-08 | CVE-2022-41207 | Unspecified vulnerability in SAP Biller Direct 635/750 SAP Biller Direct allows an unauthenticated attacker to craft a legitimate looking URL. | 6.1 |