Click the icon to Follow me:- twitterTelegramRedditDiscord


SAP Business One, version – 10.0, allows a local attacker with access to the victim’s browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of the vulnerable application.

Reference Links(if available):

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Available for Amazon Prime