CVE-2022-24397
CVE-2022-24397 affects SAP NetWeaver Enterprise Portal versions 7.30, 7.31, 7.40 and 7.50. The root cause is insufficient encoding of user-controlled inputs, enabling reflected XSS that can deface or modify displayed portal content and potentially compromise the victim’s browser confidentiality a...