CVE-2026-24323 – Multiple vulnerabilities in BSP Applications of SAP Document Management System

CVE ID : CVE-2026-24323

Published : Feb. 10, 2026, 3:04 a.m. | 1 hour, 17 minutes ago

Description : The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the injected script is executed in the victim�s browser, leading to a low impact on confidentiality and integrity, and no impact on the availability of the application.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…