SAP NetWeaver Enterprise Portal is a SAP NetWeaver Web front-end component of SAP (SAP) Germany. A cross-site scripting vulnerability exists in SAP NetWeaver Enterprise Portal, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to obtain sensitive information or hijack user sessions when malicious data is viewed.