one SSRF bug, one implementation flaw, and one denial of service. “Cross-Site Scripting remains the most widespread security loophole in SAP Applications with 20% of the released Notes addressing this type of issues,” ERPScan, another company focused …