The vulnerability of the single interface for SAP NetWeaver Business Client, which exists due to the lack of measures taken to protect the structure of the web page, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the single interface for SAP NetWeaver Business Client exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

CVE-2024-22128 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML

SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...

CVE-2024-22128 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML

SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver Business Client NWBC for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 roundtrips parameter, aka SAP Security Note 2051285...

CVE-2014-4160

Multiple cross-site scripting XSS vulnerabilities in the testcanvas node in SAP NetWeaver Business Client NWBC allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 sap-accessibility parameter...

CVE-2014-4160

Multiple cross-site scripting XSS vulnerabilities in the testcanvas node in SAP NetWeaver Business Client NWBC allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 sap-accessibility parameter...

CVE-2010-4556

Stack-based buffer overflow in the SapThemeRepository ActiveX control sapwdpcd.dll in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the 1 Load and 2 LoadTheme methods...

Stack overflow

Stack-based buffer overflow in the SapThemeRepository ActiveX control sapwdpcd.dll in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the 1 Load and 2 LoadTheme methods...

CVE-2010-4556

Stack-based buffer overflow in the SapThemeRepository ActiveX control sapwdpcd.dll in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the 1 Load and 2 LoadTheme methods...

SAP NetWeaver Business Client SapThemeRepository ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Business Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...