Bugtraq mailing list archives

Re: SAP's web module OLK SQL Injection vulnerability


From: yuval.lerner () topmanage com pa
Date: 1 Jul 2010 15:57:19 -0000

This field is validated through JavaScript, but now I blocked the field so it only accepts numeric values through the
OnKeyDown event. Additionally, I added a CDbl() function on the requests of this field in case you have a way to go over
the JavaScript functionality. This should be available in the next patch version, 1.91.31; all the older versions should
update to this version.
Thanks anyway and let me know if you find anything else....
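
The server-side half of the fix described in the message above, as an added example that is not code from the original post or from the OLK product: it assumes a classic ASP/VBScript page using ADO, and the field name `docNum`, the `Orders` table and the `Application("ConnString")` setting are hypothetical. It shows the CDbl() coercion with its failure case handled, and goes one step further than the message by binding the coerced value as a query parameter.

```vbscript
<%
' Added example. Hypothetical names: docNum, Orders, Application("ConnString").
Const adCmdText = 1
Const adDouble = 5
Const adParamInput = 1

' CDbl() is locale-aware; pin the locale so "1.5" always means one and a half.
Session.LCID = 1033

' Returns True and fills result only when raw is a plain decimal number.
' IsNumeric()/CDbl() alone also accept forms such as "1e5" or "&H10",
' so the accepted shape is restricted with a pattern first.
Function TryParseNumber(raw, ByRef result)
    Dim re, text
    TryParseNumber = False
    text = Trim(raw & "")
    Set re = New RegExp
    re.Pattern = "^-?\d{1,15}(\.\d{1,6})?$"
    If Not re.Test(text) Then Exit Function
    On Error Resume Next          ' CDbl raises error 13 on non-numeric input
    result = CDbl(text)
    If Err.Number = 0 Then TryParseNumber = True
    Err.Clear
    On Error GoTo 0
End Function

Dim docNum, cmd, rs
' The request value is checked on the server regardless of any OnKeyDown
' handler, because a client can send the request without running the script.
If Not TryParseNumber(Request.Form("docNum"), docNum) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

' Bind the coerced value as a typed parameter instead of concatenating it.
Set cmd = Server.CreateObject("ADODB.Command")
cmd.ActiveConnection = Application("ConnString")
cmd.CommandType = adCmdText
cmd.CommandText = "SELECT DocNum, Total FROM Orders WHERE DocNum = ?"
cmd.Parameters.Append cmd.CreateParameter("docNum", adDouble, adParamInput, , docNum)
Set rs = cmd.Execute
%>
```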

