CVE-2026-0512: CWE-79: Improper Neutralization of Input During Web Page Generation in SAP_SE SAP Supplier Relationship Management (SICF Handler in SRM Catalog)
CVE-2026-0512 is a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management product, specifically in the SICF Handler within the SRM Catalog. An unauthenticated attacker can craft a malicious URL that, when visited by a victim, executes malicious scripts in the victim's browser. This vulnerability impacts the confidentiality and integrity of the application by potentially allowing unauthorized access and modification of information. Availability is not affected. The vulnerability affects versions SRM_SERVER 702, 713, and 714. No official patch or remediation guidance has been provided yet.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-0512) is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), commonly known as Cross-Site Scripting (XSS). It exists in the SICF Handler component of the SAP Supplier Relationship Management (SRM) Catalog. The flaw allows an unauthenticated attacker to craft a malicious URL that executes arbitrary scripts in the context of a victim's browser session, potentially leading to unauthorized access and modification of sensitive information. The vulnerability has a CVSS 3.1 base score of 6.1, indicating medium severity, with network attack vector, low attack complexity, no privileges required, user interaction required, and impacts on confidentiality and integrity but not availability. The affected versions include SRM_SERVER 702, 713, and 714. No vendor advisory or patch information is currently available.
Potential Impact
Successful exploitation could allow an attacker to execute malicious scripts in the victim's browser, leading to unauthorized access and modification of information within the SAP SRM application. This compromises the confidentiality and integrity of data but does not affect system availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, organizations should consider applying web application firewall (WAF) rules to detect and block malicious input targeting the vulnerable SICF Handler. Additionally, user awareness to avoid clicking suspicious URLs can reduce risk. Monitor SAP's official channels for updates and patches.
CVE-2026-0512: CWE-79: Improper Neutralization of Input During Web Page Generation in SAP_SE SAP Supplier Relationship Management (SICF Handler in SRM Catalog)
Description
CVE-2026-0512 is a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management product, specifically in the SICF Handler within the SRM Catalog. An unauthenticated attacker can craft a malicious URL that, when visited by a victim, executes malicious scripts in the victim's browser. This vulnerability impacts the confidentiality and integrity of the application by potentially allowing unauthorized access and modification of information. Availability is not affected. The vulnerability affects versions SRM_SERVER 702, 713, and 714. No official patch or remediation guidance has been provided yet.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-0512) is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), commonly known as Cross-Site Scripting (XSS). It exists in the SICF Handler component of the SAP Supplier Relationship Management (SRM) Catalog. The flaw allows an unauthenticated attacker to craft a malicious URL that executes arbitrary scripts in the context of a victim's browser session, potentially leading to unauthorized access and modification of sensitive information. The vulnerability has a CVSS 3.1 base score of 6.1, indicating medium severity, with network attack vector, low attack complexity, no privileges required, user interaction required, and impacts on confidentiality and integrity but not availability. The affected versions include SRM_SERVER 702, 713, and 714. No vendor advisory or patch information is currently available.
Potential Impact
Successful exploitation could allow an attacker to execute malicious scripts in the victim's browser, leading to unauthorized access and modification of information within the SAP SRM application. This compromises the confidentiality and integrity of data but does not affect system availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, organizations should consider applying web application firewall (WAF) rules to detect and block malicious input targeting the vulnerable SICF Handler. Additionally, user awareness to avoid clicking suspicious URLs can reduce risk. Monitor SAP's official channels for updates and patches.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- sap
- Date Reserved
- 2025-12-09T22:06:50.861Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69dd877482d89c981f91f518
Added to database: 4/14/2026, 12:16:52 AM
Last enriched: 4/14/2026, 12:33:19 AM
Last updated: 4/14/2026, 9:05:46 AM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.