3 matches found
CVE-2020-6313
SAP NetWeaver Application Server JAVAXML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing...
SAP NetWeaver AS Java Multiple XSS (2953112)
The version of SAP NetWeaver AS Java detected on the remote host may be affected by multiple cross-site scripting vulnerabilities, as follows: - SAP NetWeaver Application Server JAVA XML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an...
CVE-2020-6313
CVE-2020-6313 affects SAP NetWeaver Application Server Java (XML Forms) on versions 7.30, 7.31, 7.40, 7.50. The root cause is insufficient encoding of user-controlled inputs, enabling an authenticated user with special roles to store content that, when accessed by a victim, can execute JavaScript...