Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated malicious user to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap netweaver development infrastructure 7.30 |
||
sap netweaver development infrastructure 7.31 |
||
sap netweaver development infrastructure 7.40 |
||
sap netweaver development infrastructure 7.50 |