Due to lack of proper input validation, BSP application (CRM_BSP_FRAME) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H, allow malicious inputs from untrusted sources, which can be leveraged by an malicious user to execute a Reflected Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to hijack a user session, read and modify some sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap netweaver as abap business server pages 7.00 |
||
sap netweaver as abap business server pages 7.01 |
||
sap netweaver as abap business server pages 7.02 |
||
sap netweaver as abap business server pages 7.31 |
||
sap netweaver as abap business server pages 7.40 |
||
sap netweaver as abap business server pages 7.50 |
||
sap netweaver as abap business server pages 7.51 |
||
sap netweaver as abap business server pages 7.52 |
||
sap netweaver as abap business server pages 75c |
||
sap netweaver as abap business server pages 75d |
||
sap netweaver as abap business server pages 75e |
||
sap netweaver as abap business server pages 75f |
||
sap netweaver as abap business server pages 75g |
||
sap netweaver as abap business server pages 75h |