Posted by Onapsis Research via Fulldisclosure on Jan 26

# Onapsis Security Advisory 2021-0022: SAP Enterprise Portal – XSS
RunContentCreation

## Impact on Business

Impact depends on the victim’s privileges. In the worst case, a successful
attack
allow attacker to hijack administrator session and perform action like
exfiltrate data, change data or shutdown the Portal.

## Advisory Information

– Public Release Date: 01/26/2022
– Security Advisory ID: ONAPSIS-2021-0022
– Researcher(s): Yvan…
Read More – Full Disclosure


By |2022-01-26T12:19:03-05:00January 26th, 2022|