Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2025-25242

๐Ÿ—“๏ธย 11 Mar 2025ย 00:32:28Reported byย sapTypeย 
cve
ย cve๐Ÿ”—ย web.nvd.nist.gov๐Ÿ‘ย 48ย Views

SAP NetWeaver Application Server ABAP has a Cross-Site Scripting vulnerability allowing script execution.

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform arises from the lack of measures taken to protect the structure of web pages. This vulnerability allows attackers to carry out XSS attacks.
1 Apr 202500:00
โ€“bdu_fstec
Circl		CVE-2025-25242
11 Mar 202502:18
โ€“circl
CNNVD		SAP NetWeaver Application Server ่ทจ็ซ™่„šๆœฌๆผๆดž
11 Mar 202500:00
โ€“cnnvd
CNVD		SAP NetWeaver Application Server ABAP Cross-Site Scripting Vulnerability
14 Mar 202500:00
โ€“cnvd
Cvelist		CVE-2025-25242 Cross-Site Scripting (XSS) in SAP NetWeaver Application Server ABAP
11 Mar 202500:32
โ€“cvelist
EUVD		EUVD-2025-7662
3 Oct 202520:07
โ€“euvd
NCSC		Vulnerabilities fixed in SAP software
11 Mar 202512:20
โ€“ncsc
NVD		CVE-2025-25242
11 Mar 202501:15
โ€“nvd
RedhatCVE		CVE-2025-25242
13 Mar 202518:14
โ€“redhatcve
Vulnrichment		CVE-2025-25242 Cross-Site Scripting (XSS) in SAP NetWeaver Application Server ABAP
11 Mar 202500:32
โ€“vulnrichment
Rows per page
Vulners
Node
sapsap_basisMatch740
OR
sapsap_basisMatch750
OR
sapsap_basisMatch751
OR
sapsap_basisMatch752
OR
sapsap_basisMatch753
OR
sapsap_basisMatch754
OR
sapsap_basisMatch755
OR
sapsap_basisMatch756
OR
sapsap_basisMatch757
OR
sapsap_basisMatch758
OR
sapsap_basisMatch914
[
  {
    "defaultStatus": "unaffected",
    "product": "SAP NetWeaver Application Server ABAP",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SAP_BASIS 740"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 750"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 751"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 752"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 753"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 754"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 755"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 756"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 757"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 758"
      },
      {
        "status": "affected",
        "version": "SAP_BASIS 914"
      }
    ]
  }
]

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
15 Apr 2026 00:35Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.16.1
EPSS0.00243
SSVC
CWE-79
cve-2025-25242sap netweavercross-site scriptingapplication securityconfidentialityintegrity
48