5 matches found
CVE-2025-26653
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to Stored Cross-Site Scripting XSS vulnerability. This enables an attacker, without requiring any privileges, to inject malicious JavaScript into a website. When a user visits the compromised page,...
CVE-2025-26653
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to Stored Cross-Site Scripting XSS vulnerability. This enables an attacker, without requiring any privileges, to inject malicious JavaScript into a website. When a user visits the compromised page,...
CVE-2025-26653
creationtimestamp| type| source ---|---|--- 2025-04-08 07:46:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10872 2025-04-08 09:18:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmc5ecmaco2c 2025-04-08 11:29:20+00:00| seen| https://t.me/cvedetector/22431...
CVE-2025-26653 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML)
SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to Stored Cross-Site Scripting XSS vulnerability. This enables an attacker, without requiring any privileges, to inject malicious JavaScript into a website. When a user visits the compromised page,...
CVE-2025-26653
SAP NetWeaver Application Server ABAP is affected by a Stored XSS due to insufficient encoding of user-controlled inputs. Affected component: SAP NetWeaver AS ABAP (applications based on SAP GUI for HTML). Impact: attacker can inject and execute malicious JavaScript in a victim’s browser, comprom...