5 matches found
EUVD-2017-3081
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shpresult.jsp, aka SAP Security Note 2308535...
CVE-2017-11460
Cross-site scripting XSS vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shpresult.jsp, aka SAP Security Note 2308535...
CVE-2017-11460
CVE-2017-11460 is a cross-site scripting (XSS) vulnerability in the DataArchivingService servlet of SAP NetWeaver Portal 7.4. The issue allows remote attackers to inject arbitrary web script or HTML by manipulating the responsecode parameter in shp/shp_result.jsp. Public sources consistently desc...
SAP NetWeaver AS Java 7.4 DataArchivingService servlet XSS
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: SAP Bugs: XXS Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2308535 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS...