CVE-2026-40137 - Cross-Site Scripting (XSS) vulnerability in Business Server Pages Application (TAF_APPLAUNCHER)
CVE ID :CVE-2026-40137 Published : May 12, 2026, 2:23 a.m. | 42 minutes ago Description :SAP TAF_APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposin
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Adaptive deterrence urged to counter India’s hostile posture
- [CYBER] CVE-2026-40136 - Denial of service (DoS) in SAP Financial Consolidation
- [CYBER] CVE-2026-40135 - OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform
- [CYBER] CVE-2026-40134 - Missing Authorization Check in SAP Incentive and Commission Management
- [CYBER] CVE-2026-40133 - Missing Authorization check in SAP S/4HANA Condition Maintenance
- [CYBER] CVE-2026-40132 - Missing Authorization Check in SAP Strategic Enterprise Management (BSP application Balanced Scorecard Wizard)