2 matches found
CVE-2008-3358
Cross-site scripting XSS vulnerability in Web Dynpro WD in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document...
CVE-2008-3358
CVE-2008-3358 is an XSS vulnerability in SAP NetWeaver Portal’s Web DynPro component. A crafted URI can reflect arbitrary script/HTML in a text/plain response when using Internet Explorer 7.0.5730, enabling remote attackers to execute client-side code in the victim’s browser. Root cause is unenco...