CVE-2016-9563

BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity XXE attacks via the sap.comtcbpemhimuwlconnproviderweb/bpemuwlconn URI, aka SAP Security Note 2296909...

PT-2016-3362 · Sap · Sap Netweaver As Java

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS JAVA version 7.5 Description: The issue is related to an XML External Entity XXE vulnerability in the BC-BMT-BPM-DSK component of SAP NetWeaver AS JAVA. This vulnerability allows remote authenticated users to conduct XXE...