SAP Note 1568674 - Code injection vulnerability in CRM_UBB_LAE_EDIT

Component : Usage Based Service Contract -

Solution : https://service.sap.com/sap/support/notes/1568674 (SAP Service marketplace login required)

Key words :
execute user-defined code, function module crm_ubb_lae_edit_content, obtain additional information, affect thenormal functions, arbitrary program code, potentially escalate privileges, executing malicious code, program code, malicious user, authenticated user

Related Notes :

1342183	Security information: Transaction FIAAHELP
888889	Automatic checks for security notes using RSECNOTE

STechno

SAP Note 1568674 - Code injection vulnerability in CRM_UBB_LAE_EDIT_CONTENT