2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783...
SAP NetWeaver AS JAVA 7.3 AS JAVA XSS in ctcprotocol/Protocol servlet
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.3 Vendor URL: SAP Bugs: XXS Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 11.04.2017 Reference: SAP Security Note 2406783 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS...