EUVD-2020-19371

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SAP NetWeaver AS ABAP versions 740-754 allows Reflected Cross-Site Scripting due to URL encoding issues

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2020-26835	9 Dec 202020:32	–	circl
CNNVD	SAP NetWeaver AS ABAP 跨站脚本漏洞	8 Dec 202000:00	–	cnnvd
CNVD	SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability (CNVD-2021-03703)	15 Dec 202000:00	–	cnvd
CVE	CVE-2020-26835	9 Dec 202016:30	–	cve
Cvelist	CVE-2020-26835	9 Dec 202016:30	–	cvelist
NCSC	Vulnerabilities fixed in SAP products	8 Dec 202000:00	–	ncsc
NVD	CVE-2020-26835	9 Dec 202017:15	–	nvd
Prion	Cross site scripting	9 Dec 202017:15	–	prion
Positive Technologies	PT-2020-16518 · Sap · Sap Netweaver As Abap	9 Dec 202000:00	–	ptsecurity
Tenable Nessus	SAP NetWeaver AS Java and AS ABAP Multiple Vulnerabilities (Dec 2020)	11 Dec 202000:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "66679220-5cc1-3083-827e-58d6d2fe81d9",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0db828e0-e379-362f-a1bd-0dd2f6a22ad8",
        "product": {
          "name": "SAP NetWeaver AS ABAP"
        },
        "product_version": "< 750"
      },
      {
        "id": "2f3b536f-b0c6-3184-912c-c420ff28c825",
        "product": {
          "name": "SAP NetWeaver AS ABAP"
        },
        "product_version": "< 740"
      },
      {
        "id": "3fddd2b7-7cff-3465-9527-6e6a117ac523",
        "product": {
          "name": "SAP NetWeaver AS ABAP"
        },
        "product_version": "< 753"
      },
      {
        "id": "4bd348ce-4b8f-38fe-b8d5-3de7945b40d9",
        "product": {
          "name": "SAP NetWeaver AS ABAP"
        },
        "product_version": "< 752"
      },
      {
        "id": "5c577190-12e9-3659-91c5-c1a94357bf74",
        "product": {
          "name": "SAP NetWeaver AS ABAP"
        },
        "product_version": "< 754"
      },
      {
        "id": "afb8eea1-76f1-332d-9776-14c3639749e4",
        "product": {
          "name": "SAP NetWeaver AS ABAP"
        },
        "product_version": "< 751"
      }
    ]
  }
]

Source	Link
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action
launchpad	www.launchpad.support.sap.com/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.9Medium risk

Vulners AI Score5.9

CVSS 35.3

CVSS 24.3

CVSS 3.16.1

EPSS0.003