{“lastseen”:””,”description”:”Due to a Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App Intercompany Balance Reconciliation an attacker could execute state?changing actions using an inappropriate request type, this deviation from expected request semantics may allow an attacker to trigger unintended actions on behalf of an authenticated user causing low impact on integrity of the system. This has no impact on confidentiality and availability.”,”published”:”2026-01-13T01:13:06.863Z”,”modified”:”2026-01-13T01:13:06.863Z”,”type”:”cve”,”title”:”Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)”,”source”:”sap”,”references”:”https:\/\/me.sap.com\/notes\/3655229\\nhttps:\/\/url.sap\/sapsecuritypatchday”,”id”:”CVE-2026-0493″,”bulletinFamily”:””,”cwe”:[“CWE-352″],”cvelist”:null,”sourceData”:”SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIAPFI70 500\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 600\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 700\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 800\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 900\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 901\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 902\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) S4CORE 102\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 103\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 104\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 105\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 106\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 107\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 108\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) 109\\nSAP_SE SAP Fiori App (Intercompany Balance Reconciliation) UIS4H 109″,”sourceHref”:””,”cvss”:{“score”:4.3,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”SAP Fiori App (Intercompany Balance Reconciliation)”,”version”:”UIAPFI70 500″,”vendor”:”SAP_SE”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Due to a Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App Intercompany Balance Reconciliation an attacker could execute state?changing actions using an inappropriate request…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,123,12,21,13,7,11,5],"class_list":["post-35216","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-43","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n