CVE-2021-27601

🗓️ 13 Apr 2021 18:43:53Reported by sapType

SAP NetWeaver AS Java XSS Vulnerabilit

Reporter	Title	Published	Views	Family All 10
CNNVD	SAP Netweaver 跨站脚本漏洞	13 Apr 202100:00	–	cnnvd
CNVD	SAP NetWeaver AS JAVA cross-site scripting vulnerability (CNVD-2021-29100)	16 Apr 202100:00	–	cnvd
CVE	CVE-2021-27601	13 Apr 202118:43	–	cve
EUVD	EUVD-2021-14348	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in SAP Netweaver products	13 Apr 202100:00	–	ncsc
NVD	CVE-2021-27601	13 Apr 202119:15	–	nvd
OSV	CVE-2021-27601	13 Apr 202119:15	–	osv
Prion	Cross site scripting	13 Apr 202119:15	–	prion
RedhatCVE	CVE-2021-27601	9 Jan 202609:21	–	redhatcve
Tenable Nessus	SAP NetWeaver AS Java and AS ABAP Multiple Vulnerabilities (Apr 2021)	15 Apr 202100:00	–	nessus

[
  {
    "product": "SAP NetWeaver AS for Java (Applications based on HTMLB for Java)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "EP-BASIS 7.10, 7.11, 7.30, 7.31, 7.40, 7.50"
      },
      {
        "status": "affected",
        "version": "FRAMEWORK-EXT 7.30, 7.31, 7.40, 7.50"
      },
      {
        "status": "affected",
        "version": "FRAMEWORK 7.10, 7.11"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action

13 Apr 2021 18:43Current

5.7Medium risk

Vulners AI Score5.7

CVSS 35.4

EPSS0.00473