SAP, in its last security patches communication, has issued a total of 13 security updates, 3 of them as high priority while the rest as low (2), and medium priority (8). Among these vulnerabilities, 4 are related with service denial, authorization check failure, XSS or SQL injection.
Regarding the report last July, a total of 10 vulnerabilities were identified, but only one critical (SAP Solution Manager Issues), and two with high priority. The rest was identified as medium priority the rest. Although there were 36 updates in July, 24 aimed to solve the “clickjacking” security issue.
Source: SAP Community Network.