4 matches found
Code injection
SAP NetWeaver AS ABAP applications based on Unified Rendering - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 702, SAPBASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of...
CVE-2023-40624 Code Injection vulnerability in SAP NetWeaver AS ABAP (applications based on Unified Rendering)
SAP NetWeaver AS ABAP applications based on Unified Rendering - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 702, SAPBASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of...
CVE-2023-40624 Code Injection vulnerability in SAP NetWeaver AS ABAP (applications based on Unified Rendering)
SAP NetWeaver AS ABAP applications based on Unified Rendering - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 702, SAPBASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of...
CVE-2023-40624
SAP NetWeaver AS ABAP (Unified Rendering) is affected in SAP_UI 754–758 and SAP_BASIS 702, 731. The root cause is insufficient validation/escaping of user-supplied data, allowing an attacker to inject JavaScript that is executed in the web application. This can enable an attacker to influence the...