CVE-2025-30009 – SAP SRM Live Auction Cockpit Java Applet Remote Code Execution Vulnerability

May 13, 2025

CVE ID : CVE-2025-30009

Published : May 13, 2025, 1:15 a.m. | 1 hour, 49 minutes ago

Description : he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and integrity within the scope of that victim�s browser, with no effect on availability of the application

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-30010 – SAP SRM Java Applet Cross-Site Scripting (XSS)

Next Article CVE-2025-26662 – Apache Data Services Management Console Cross-Site Scripting Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft aims to be “carbon negative” by 2030, with 3 million carbon removal credits in its backyard of Washington

Sam Altman doesn’t want his son to have an AI “bestie” — as Microsoft plans to turn Copilot into an AI friend and companion

ChatGPT downplays AI’s threat to humanity despite an apparent “99.999999% probability” of inevitable doom

Surface Pro 12-inch vs. iPad Air M3: Which should you choose?

A customizable and accessible web component

A customizable and accessible web component

How Agile Helps You Improve Your Agility

Laravel Seeder Generator

Microsoft aims to be “carbon negative” by 2030, with 3 million carbon removal credits in its backyard of Washington

Microsoft aims to be “carbon negative” by 2030, with 3 million carbon removal credits in its backyard of Washington

Sam Altman doesn’t want his son to have an AI “bestie” — as Microsoft plans to turn Copilot into an AI friend and companion

ChatGPT downplays AI’s threat to humanity despite an apparent “99.999999% probability” of inevitable doom

CVE-2025-30009 – SAP SRM Live Auction Cockpit Java Applet Remote Code Execution Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47858 – Apache HTTP Server Cross-Site Request Forgery

Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign

CVE-2025-32788 – OctoPrint Authentication Bypass

“We definitely heard the feedback, we know people are excited about Paladins.” Diablo 4 lead talks about taking a new direction with the Spiritborn class and more about Vessel of Hatred

MIT spinout maps the body’s metabolites to uncover the hidden drivers of disease

Minecraft with object impermanence

Impact of Item Classification in Oracle PDH Cloud on Oracle Inventory Management Cloud

Call of Duty: Black Ops 6 closes out December as the best-selling game of 2024 in the US

Transcribe audio with Java using Universal-1

CVE-2025-30009 – SAP SRM Live Auction Cockpit Java Applet Remote Code Execution Vulnerability

Related Posts