2 matches found
CVE-2022-29618
Due to insufficient input validation, SAP NetWeaver Development Infrastructure Design Time Repository - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or...
CVE-2022-29618
The connected records confirm a cross-site scripting (XSS) vulnerability in SAP NetWeaver Development Infrastructure (Design Time Repository) affecting versions 7.30, 7.31, 7.40, and 7.50. Root cause: insufficient input validation that lets an unauthenticated attacker inject script into the URL, ...