3 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the 1 ns or 2 interface parameter to ProxyServer/register, aka SAP Security Note 2220571...
CVE-2016-2387
CVE-2016-2387 pertains to SAP NetWeaver 7.4, affecting the Java Proxy Runtime ProxyServer servlet. The vulnerability enables cross-site scripting (XSS) via the ProxyServer/register endpoint, by manipulating the ns or interface parameters, as noted in SAP Security Note 2220571. Public advisories (...
SAP NetWeaver 7.4 (ProxyServer servlet) - XSS vulnerability
Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: SAP Bugs: Cross Site Scripting XSS Reported: 10.08.2015 Vendor response: 11.08.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2220571 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class...