CVEs-PoC/2020/CVE-2020-6206.md

### [CVE-2020-6206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6206)
![](https://img.shields.io/static/v1?label=Product&message=SAP%20Cloud%20Platform%20Integration%20for%20Data%20Services&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C1.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross%20Site%20Request%20Forgery&color=brighgreen)

### Description

SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery.

### POC

#### Reference
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305

#### Github
No PoCs found on GitHub currently.