CVE-2025-42941— Reverse Tabnabbing vulnerability in SAP Fiori (Launchpad)
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-42941
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Reverse Tabnabbing vulnerability in SAP Fiori (Launchpad)
Source: NVD (National Vulnerability Database)
Vulnerability Description
SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link (<a>) elements. An attacker with administrative user privileges could exploit this by leveraging compromised or malicious pages. While administrative access is necessary for certain configurations, the attacker does not need the administrative privileges to execute the attack. This could result in unintended manipulation of user sessions or exposure of sensitive information. The issue impacts the confidentiality and integrity of the system, but the availability remains unaffected.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用windows.opener访问指向不可信目标的web链接
Source: NVD (National Vulnerability Database)
Vulnerability Title
SAP Fiori 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SAP Fiori是德国思爱普(SAP)公司的一套为SAP应用程序提供用户体验(UX)的设计系统,它为设计人员和开发人员提供了一套工具和指南,能够快速地开发适用于任何平台的应用,为创建者和用户提供一致、创新的体验。 SAP Fiori (Launchpad)存在安全漏洞,该漏洞源于外部导航保护不足,可能导致反向标签劫持攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SAP_SE | SAP Fiori (Launchpad) | SAP_UI 754 | - |
II. Public POCs for CVE-2025-42941
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-42941
请登录查看更多情报信息。
Same Patch Batch · SAP_SE · 2025-08-12 · 16 CVEs total
| CVE-2025-42957 | 9.9 CRITICAL | Code Injection vulnerability in SAP S/4HANA (Private Cloud or On-Premise) |
| CVE-2025-42950 | 9.9 CRITICAL | Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform) |
| CVE-2025-42951 | 8.8 HIGH | Broken Authorization in SAP Business One (SLD) |
| CVE-2025-42976 | 8.1 HIGH | Multiple vulnerabilities in SAP NetWeaver Application Server ABAP (BIC Document) |
| CVE-2025-42946 | 6.9 MEDIUM | Directory Traversal vulnerability in SAP S/4HANA (Bank Communication Management) |
| CVE-2025-42975 | 6.1 MEDIUM | Multiple vulnerabilities in SAP NetWeaver Application Server ABAP (BIC Document) |
| CVE-2025-42948 | 6.1 MEDIUM | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform |
| CVE-2025-42945 | 6.1 MEDIUM | HTML Injection vulnerability in SAP NetWeaver Application Server ABAP |
| CVE-2025-42942 | 6.1 MEDIUM | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP |
| CVE-2025-42936 | 5.4 MEDIUM | Missing Authorization check in SAP NetWeaver Application Server for ABAP |
| CVE-2025-42949 | 4.9 MEDIUM | Missing Authorization check in ABAP Platform |
| CVE-2025-42943 | 4.5 MEDIUM | Information Disclosure in SAP GUI for Windows |
| CVE-2025-42934 | 4.3 MEDIUM | CRLF Injection vulnerability in SAP S/4HANA (Supplier invoice) |
| CVE-2025-42935 | 4.1 MEDIUM | Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform(Intern |
| CVE-2025-42955 | 3.5 LOW | Missing authorization check in SAP Cloud Connector |
IV. Related Vulnerabilities
Same vendor: SAP_SE
- CVE-2026-34264
Information Disclosure vulnerability in SAP Human Capital Ma - CVE-2026-34262
Information Disclosure Vulnerability in SAP HANA Cockpit and - CVE-2026-34261
Missing Authorization check in SAP Business Analytics and SA - CVE-2026-34257
Open Redirect vulnerability in SAP NetWeaver Application Ser - CVE-2026-34256
Missing Authorization check in SAP ERP and SAP S/4 HANA (Pri
Same weakness: CWE-1022
- CVE-2025-59842
JupyterLab LaTeX typesetter links did not enforce `noopener` - CVE-2025-33014
IBM Sterling B2B Integrator and IBM Sterling File Gateway li - CVE-2024-39727
IBM Engineering Lifecycle Optimization - Engineering Insight - CVE-2018-25089
glb Meetup Tag Extension Link Attribute reverse tabnabbing - CVE-2022-4927
ualbertalib NEOSDiscovery _refworks.html.erb reverse tabnabb
V. Comments for CVE-2025-42941
No comments yet