SAP fixes gaping authentication bypass flaw after 3 YEARS
in The Register by John Leyden