CVE-2026-0496

MEDIUM WAF: Medium

CVSS 6.6 Published: 2026-01-13

CWE-434

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file (including script files) without proper file format validation. This has low impact on confidentiality, integrity and availability of the application.

WAF Coverage Analysis

Unrestricted File Upload Medium WAF Coverage

OWASP: A04:2021 Insecure Design

930xxx - Local File Inclusion

References

me.sap.com
url.sap

Back to CVE Database