CVE-2026-0512
Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)
CVSS Score
6.1
EPSS Score
0.1%
EPSS Percentile
21th
Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL, that if accessed by a victim, results in execution of malicious content within the victim's browser. This could allow the attacker to access and modify information, impacting the confidentiality and integrity of the application, while availability remains unaffected.
| Vendor | sap_se |
| Product | sap supplier relationship management (sicf handler in srm catalog) |
| Published | Apr 14, 2026 |
| Last Updated | Apr 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for sap_se sap supplier relationship management (sicf handler in srm catalog)
Be the first to know when new medium vulnerabilities affecting sap_se sap supplier relationship management (sicf handler in srm catalog) are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Affected Versions
SAP_SE / SAP Supplier Relationship Management (SICF Handler in SRM Catalog)
SRM_SERVER 702 713 714