SAP blasts critical software problems in patch update

The security fixes deal with a range of problems including cross-site scripting flaws and SQL injection vulnerabilities.

SAP has issued a round of fixes to plug security flaws discovered in the company's software and solutions.


According to the tech giant's security advisory, the update fixes four denial-of-service security flaws, two directory traversal and missing authorization checks, a single cross-site scripting vulnerability, and one SQL injection issue.

In addition, SAP fixed three other security problems but no details have been released on their substance -- or any detailed explanation of the vulnerabilities mentioned above.

See also: SAP to double down on cybersecurity strategy

The company also updated 13 security fixes issued in July.

In total, 11 researchers reported the problems fixed in the August patch round, including Core Security's Martin Gallo, Core Security, Martin Gallo from Devoteam, and Onapsis' Sergio Abraham.

In May, SAP announced a reshuffle of executive ranks to better target small and medium-sized businesses.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All