Lucene search

CVE-2024-34685

🗓️ 09 Jul 2024 04:12:15Reported by sapType

Due to weak encoding in SAP NetWeaver Knowledge Management XMLEditor, malicious scripts can be executed, leading to a Cross-Site Scripting (XSS) vulnerability

Reporter	Title	Published	Views	Family All 4
CNVD	SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2024-35654)	19 Jul 202400:00	–	cnvd
Cvelist	CVE-2024-34685 [CVE-2024-34685] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Knowledge Management XMLEditor	9 Jul 202403:53	–	cvelist
Vulnrichment	CVE-2024-34685 [CVE-2024-34685] Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Knowledge Management XMLEditor	9 Jul 202403:53	–	vulnrichment
NVD	CVE-2024-34685	9 Jul 202404:15	–	nvd

Nvd

Node

sap netweaver_knowledge_management_and_collaboration_\(kmc-cm\)Match7.50

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP NetWeaver Knowledge Management XMLEditor",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "KMC-WPC 7.50"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3468681

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jul 2024 04:15Current

6.2Medium risk

Vulners AI Score6.2

CVSS36.1

EPSS0.00046

SSVC

CWE-79