Published: 14/02/2023 Updated: 11/04/2023

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 0

Subscribe to Netweaver As Abap Business Server Pages

Due to lack of proper input validation, BSP application (CRM_BSP_FRAME) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H, allow malicious inputs from untrusted sources, which can be leveraged by an malicious user to execute a Reflected Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to hijack a user session, read and modify some sensitive information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap netweaver as abap business server pages 7.00
sap netweaver as abap business server pages 7.01
sap netweaver as abap business server pages 7.02
sap netweaver as abap business server pages 7.31
sap netweaver as abap business server pages 7.40
sap netweaver as abap business server pages 7.50
sap netweaver as abap business server pages 7.51
sap netweaver as abap business server pages 7.52
sap netweaver as abap business server pages 75c
sap netweaver as abap business server pages 75d
sap netweaver as abap business server pages 75e
sap netweaver as abap business server pages 75f
sap netweaver as abap business server pages 75g
sap netweaver as abap business server pages 75h

CWE-79 https://launchpad.support.sap.com/#/notes/3282663 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-24529

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect