Published: 14/12/2021 Updated: 30/04/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized malicious users to conduct XSS attacks, which might lead to disclose sensitive data.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sap knowledge warehouse 7.31

sap knowledge warehouse 7.40

sap knowledge warehouse 7.50

sap knowledge warehouse 7.30

Mailing Lists

SAP Knowledge Warehouse versions 730, 731, 740, and 750 suffer from a cross site scripting vulnerability ...

Github Repositories

SAP-Pentest-Cheatsheet Bismillah For conducting the Pentest you should deploy SAP System on your Network SAP Web Interface Vulnerability Open Redirection Check HOST/sap/public/bc/icf/logoff?redirecturl=MALICIOUSURL Unsecured Protocol (HTTP) Check HOST:PORT/startPage HOST:PORT/sap/public/info System Informational Misconfiguration Check HOST:POR

This is the central place for my security advisories Also published over at seclistsorg/fulldisclosure/ CVE Title CVE-2013-4694 WinAmp v563 gen_jumpexdll and ml_localdll Multiple Buffer Overflows CVE-2013-5701 Watchguard Server Center v1174 wgprdll Insecure Library Loading Local Privilege Escalation Vulnerability CVE-2013-5702 Watchguard Server Cente