EUVD-2022-33941

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

SAP NetWeaver ABAP server vulnerable to file uploads and deletion, risking stored XSS attacks.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-29610	11 May 202215:15	–	attackerkb
Circl	CVE-2022-29610	11 May 202218:35	–	circl
CNNVD	SAP NetWeaver Application Server 跨站脚本漏洞	10 May 202200:00	–	cnnvd
CNVD	SAP NetWeaver ABAP Server Cross-Site Scripting Vulnerability	12 May 202200:00	–	cnvd
CVE	CVE-2022-29610	11 May 202214:56	–	cve
Cvelist	CVE-2022-29610	11 May 202214:56	–	cvelist
NVD	CVE-2022-29610	11 May 202215:15	–	nvd
Prion	Cross site scripting	11 May 202215:15	–	prion
RedhatCVE	CVE-2022-29610	22 May 202522:46	–	redhatcve
Tenable Nessus	SAP NetWeaver AS ABAP Multiple Vulnerabilities (January 2022)	13 May 202200:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "13b902bf-b1aa-3d6f-98e3-134f11aba708",
        "vendor": {
          "name": "SAP SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "09268937-3a69-326c-826b-90b347ae1644",
        "product": {
          "name": "SAP NetWeaver Application Server ABAP"
        },
        "product_version": "756"
      },
      {
        "id": "377b7548-48ff-3c16-86e1-b67ca7639236",
        "product": {
          "name": "SAP NetWeaver Application Server ABAP"
        },
        "product_version": "753"
      },
      {
        "id": "cb287a91-fb95-34f6-821b-82261c719c90",
        "product": {
          "name": "SAP NetWeaver Application Server ABAP"
        },
        "product_version": "755"
      },
      {
        "id": "f0847be4-e417-3a74-bbce-f235af80ca35",
        "product": {
          "name": "SAP NetWeaver Application Server ABAP"
        },
        "product_version": "754"
      }
    ]
  }
]

Source	Link
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
launchpad	www.launchpad.support.sap.com/

03 Oct 2025 20:07Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.4

CVSS 23.5

EPSS0.00302