CVE-2025-43006 – SAP Supplier Relationship Management XSS Vulnerability

May 13, 2025

CVE ID : CVE-2025-43006

Published : May 13, 2025, 1:15 a.m. | 1 hour, 49 minutes ago

Description : SAP Supplier Relationship Management (Master Data Management Catalogue) allows an unauthenticated attacker to execute malicious scripts in the application, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This has no impact on the availability of the application, but it can have some minor impact on its confidentiality and integrity.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43007 – SAP Service Parts Management Privilege Escalation Vulnerability

Next Article CVE-2025-43005 – SAP GUI for Windows Insecure Credential Storage Vulnerability

Highlights

CVE-2025-53030 – Oracle VirtualBox Core Privilege Escalation Vulnerability

July 16, 2025

CVE ID : CVE-2025-53030

Published : July 15, 2025, 8:15 p.m. | 6 hours, 37 minutes ago

Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Severity: 6.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

I’ve tested every Samsung Galaxy phone in 2025 – here’s the model I’d recommend on sale

Google Photos just put all its best editing tools a tap away – here’s the shortcut

Claude can teach you how to code now, and more – how to try it

One of the best work laptops I’ve tested has MacBook written all over it (but it’s even better)

Controlling Execution Flow with Laravel’s Sleep Helper

Controlling Execution Flow with Laravel’s Sleep Helper

Generate Secure Temporary Share Links for Files in Laravel

This Week in Laravel: Filament 4, Laravel Boost, and Junie Review

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

FOSS Weekly #25.33: Debian 13 Released, Torvalds vs RISC-V, Arch’s New Tool, GNOME Perfection and More Linux Stuff

Ultimate ChatGPT-5 Prompt Guide: 52 Ideas for Any Task

CVE-2025-43006 – SAP Supplier Relationship Management XSS Vulnerability

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

From Banking Darling to $1B Fraud Magnet: Inside the Zelle Lawsuit 2025

Windows 11 Widgets Board Could Get More Useful with THIS Update

How to Transform JSON Data to Match Any Schema

CVE-2025-48866 – ModSecurity SanitizeArg Denial of Service Vulnerability

Brody King Abolish ICE Shirt

CVE-2025-53030 – Oracle VirtualBox Core Privilege Escalation Vulnerability

CVE-2025-21467 – Cisco Router Buffer Overflow

Adobe brings native Windows on Arm support to Premiere Pro, After Effects, and more — but not all features made it

Introducing Automated Risk Analysis in Relational Migrator

CVE-2025-43006 – SAP Supplier Relationship Management XSS Vulnerability

Related Posts