CVE-2018-2452

The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting XSS vulnerability...

CVE-2018-2452

SAP NetWeaver AS Java logon application (versions 7.10–7.11, 7.20, 7.30, 7.31, 7.40, 7.50) is affected by a cross-site scripting (XSS) vulnerability caused by insufficient encoding of user-controlled inputs. The issue stems from input handling in the logon component, enabling injection of web scr...