SAP Successfactors release build b1702p5e.1190658 suffers from a stored cross site scripting vulnerability.
bfe454a46eb43bfcc1ec32a0016911e6ecb628b8d74b6e404a65df2517180493
CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors
Severity: High
Vendor: SAP
Versions Affected: SAP successfactors - Release build b1702p5e.1190658
Description: Stored Cross-site scripting (XSS) vulnerability in SAP Successfactors allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality.
Resolution: SAP has fixed this in Release build b1705.1234962