Every CVE whose affected-product data names Sap Fiori, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-2474 — CVSS 6.5 (medium): SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send…
CVE-2023-24528 — CVSS 6.5 (medium): SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain…
CVE-2020-6266 — CVSS 5.4 (medium): SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a malicious site due to insufficient URL…
CVE-2024-25643 — CVSS 4.3 (medium): The SAP Fiori app (My Overtime Request) - version 605, does not perform the necessary authorization checks for an authenticated user which…