History: Oct 12, 2021 - 2:04 p.m.

CVE-2021-38183

2021-10-12 14:04:07
sap
www.cve.org
sap netweaver
versions 700 701 702 730
xss vulnerability
user-controlled inputs
web application
cross-site scripting

EPSS

0.001

Percentile

36.3%

SAP NetWeaver, versions 700, 701, 702 and 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in a Cross-Site Scripting (XSS) vulnerability.

CNA Affected

[
  {
    "product": "SAP NetWeaver",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 700"
      },
      {
        "status": "affected",
        "version": "< 701"
      },
      {
        "status": "affected",
        "version": "< 702"
      },
      {
        "status": "affected",
        "version": "< 730"
      }
    ]
  }
]
