Vulnerabilities > SAP > Biller Direct > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2023-42479 Unspecified vulnerability in SAP Biller Direct 635/750
An unauthenticated attacker can embed a hidden access to a Biller Direct URL in a frame which, when loaded by the user, will submit a cross-site scripting request to the Biller Direct system.
network
low complexity
sap
6.1
2022-11-08 CVE-2022-41207 Unspecified vulnerability in SAP Biller Direct 635/750
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate looking URL.
network
low complexity
sap
6.1