SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized malicious user to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting (XSS) vulnerability and the attacker can read and modify data. However, the attacker does not have control over kind or degree.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap netweaver application server java 7.30 |
||
sap netweaver application server java 7.31 |
||
sap netweaver application server java 7.40 |
||
sap netweaver application server java 7.50 |
||
sap netweaver application server java 7.10 |
||
sap netweaver application server java 7.11 |