[ERPSCAN-11-035] SAP GUI BAPI Explorer - Unauthorized execution of function

DSECRG Advisories

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver
Vendor URL: http://www.sap.com
Bugs: Unauthorized execution
Exploits: YES
Reported: 15.02.2011
Vendor response: 16.02.2011
Date of Public Advisory: 11.11.2011
Author: Dmitriy Chastuchin

SAP GUI BAPI Explorer has a stored XSS vulnerability which can lead to unauthorized code execution on the server side.

Business Risk
A legitimate SAP user can insert a malicious script into a transaction code, which can run any function without authorisation or gain access to the OS.