SAP blasts critical software problems in patch update

The security fixes deal with a range of problems including cross-site scripting flaws and SQL injection vulnerabilities.
Written by Charlie Osborne, Contributing Writer

SAP has issued a round of fixes to plug security flaws discovered in the company's software and solutions.


According to the tech giant's security advisory, the update fixes four denial-of-service security flaws, two directory traversal and missing authorization checks, a single cross-site scripting vulnerability, and one SQL injection issue.

In addition, SAP fixed three other security problems but no details have been released on their substance -- or any detailed explanation of the vulnerabilities mentioned above.

See also: SAP to double down on cybersecurity strategy

The company also updated 13 security fixes issued in July.

In total, 11 researchers reported the problems fixed in the August patch round, including Core Security's Martin Gallo, Core Security, Martin Gallo from Devoteam, and Onapsis' Sergio Abraham.

In May, SAP announced a reshuffle of executive ranks to better target small and medium-sized businesses.

The 10 step guide to using Tor to protect your privacy

Editorial standards