Cross site scripting

2018-07-1018:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

45.1%

JSON

SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

CPENameOperatorVersion
netweaver_enterprise_portaleq7.31
netweaver_enterprise_portaleq7.11
netweaver_enterprise_portaleq7.20
netweaver_enterprise_portaleq7.30
netweaver_enterprise_portaleq7.40
netweaver_enterprise_portaleq7.50
netweaver_enterprise_portalge7.0
netweaver_enterprise_portalle7.02

Name	Operator	Version
netweaver_enterprise_portal	eq	7.31
netweaver_enterprise_portal	eq	7.11
netweaver_enterprise_portal	eq	7.20
netweaver_enterprise_portal	eq	7.30
netweaver_enterprise_portal	eq	7.40
netweaver_enterprise_portal	eq	7.50
netweaver_enterprise_portal	ge	7.0
netweaver_enterprise_portal	le	7.02