2 matches found
CVE-2018-2462
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source...
CVE-2018-2462
CVE-2018-2462 affects SAP NetWeaver BI (BEx Web Java Runtime Export Web Service) across versions 7.30, 7.31, 7.40, 7.41, and 7.50. The root cause is that the service does not sufficiently validate an XML document received from an untrusted source, enabling an XML External Entity Injection vulnera...