XSS in SAP

Hi Friends

Sharing Another POC with you
Vulnerability Type : XSS
Site: sap.com

And here is the report that I sent to secure@sap.com.
The credit for that bug goes to the deserving person, Andrew Thomas (Syed Daniyal Bin Rashid) <3
“In The Name of ALLAH, The Most Beneficent, The Most Merciful

Hello there..!!
I am an independent security researcher from Pakistan and my name is Tayyab Qadir.
Recently I found an XSS (Cross Site Scripting) vulnerability in your website. As you can see, I have created a link in this mail where I show the proof of that undisclosed XSS vulnerability in your website.
++++++ Proof Of Concept :
Vulnerable Link to XSS in your website is : http://www.sap.com/registration/login-ids.html?from=vulnerable to xss
like
http://www.sap.com/registration/login-ids.html?from=”><img src=x onerror=prompt(document.domain);>

Thanks

+++++++
I hope you will fix this issue.”

Regards
Tayyab Qadir

So that POC you want
It is fixed now
Thanks for reading
Feedback on fb
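
For readers on the fixing side, here is an added example (not part of the report and not SAP's code) of why a `from` value like the one above escapes its attribute, and how output encoding plus a path allowlist stops it. The hidden-input markup and all function names are assumptions, since the post does not show the page's template.

```javascript
// Added example: the reflected `from` parameter, vulnerable vs. hardened rendering.
// Assumption: the value is echoed into a double-quoted HTML attribute.

// Constructed sample: the query value from the report, typed with a straight quote.
const SAMPLE_FROM = '"><img src=x onerror=prompt(document.domain);>';

// Vulnerable: the raw value is concatenated into the attribute.
function renderVulnerable(from) {
  return '<input type="hidden" name="from" value="' + from + '">';
}

// Encode every character that can close the attribute or open a tag.
function escapeHtmlAttr(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Allow only a same-site relative path (no scheme, no protocol-relative "//").
function isSafeFrom(from) {
  return /^\/[A-Za-z0-9\/._-]*$/.test(from) && !from.startsWith('//');
}

// Hardened: validate first, fall back to "/", and always encode on output.
function renderHardened(from) {
  const safe = isSafeFrom(from) ? from : '/';
  return '<input type="hidden" name="from" value="' + escapeHtmlAttr(safe) + '">';
}

// True when the markup contains any element besides the single expected input.
function hasInjectedTag(html) {
  const tags = html.match(/<[a-zA-Z][^>]*>/g) || [];
  return tags.length !== 1;
}
```

Encoding alone already neutralises the sample value; the allowlist is a second layer for a parameter that is meant to carry a return path.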