Cross site scripting

2020-04-2423:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

36.3%

JSON

SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_PHTMLB, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, is vulnerable to reflected Cross-Site Scripting (XSS) via different URL parameters as it does not sufficiently encode user controlled inputs.

CPENameOperatorVersion
netweaver_as_abap_business_server_pageseq700
netweaver_as_abap_business_server_pageseq701
netweaver_as_abap_business_server_pageseq702
netweaver_as_abap_business_server_pageseq730
netweaver_as_abap_business_server_pageseq731
netweaver_as_abap_business_server_pageseq740
netweaver_as_abap_business_server_pageseq750
netweaver_as_abap_business_server_pageseq751
netweaver_as_abap_business_server_pageseq752
netweaver_as_abap_business_server_pageseq753

Name	Operator	Version
netweaver_as_abap_business_server_pages	eq	700
netweaver_as_abap_business_server_pages	eq	701
netweaver_as_abap_business_server_pages	eq	702
netweaver_as_abap_business_server_pages	eq	730
netweaver_as_abap_business_server_pages	eq	731
netweaver_as_abap_business_server_pages	eq	740
netweaver_as_abap_business_server_pages	eq	750
netweaver_as_abap_business_server_pages	eq	751
netweaver_as_abap_business_server_pages	eq	752
netweaver_as_abap_business_server_pages	eq	753