Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap netweaver enterprise portal 7.30 |
||
sap netweaver enterprise portal 7.31 |
||
sap netweaver enterprise portal 7.40 |
||
sap netweaver enterprise portal 7.50 |