SAP Application Interface Framework (SAP AIF) is a German SAP (SAP) companyβs application program interface framework. A security vulnerability exists in the SAP Application Interface Framework that stems from the application allowing the use of HTML markup, which can be exploited by an attacker to inject images into external domains using some basic HTML code (e.g. heading, basic formatting, lists).