CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors

CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors

Severity: High

Vendor: SAP

Versions Affected: SAP successfactors - Release build b1702p5e.1190658

Description: Stored Cross-site scripting (XSS) vulnerability in SAP Successfactors allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality.

Resolution: SAP has fixed this in Release build b1705.1234962