Netweaver Enterprise Portal@7.10 Security Vulnerabilities and Issues — Netweaver Enterprise Portal@7.10 CVE List

Lucene search

SapNetweaver Enterprise Portal7.10

8 matches found

CVE•added 2022/03/10 5:46 p.m.•90 views

CVE-2022-24395

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.

6.1CVSS6AI score0.00337EPSS

CVE•added 2022/04/12 5:15 p.m.•71 views

CVE-2022-26105

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the Network. On successful exploitation, an attacker can view or modify ...

6.1CVSS6.3AI score0.01324EPSS

CVE•added 2021/08/10 3:15 p.m.•64 views

CVE-2021-33702

Under certain conditions, NetWeaver Enterprise Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode report data. An attacker can craft malicious data and print it to the report. In a successful attack, a victim opens the report, and the malicious script gets exe...

8.3CVSS5.8AI score0.00899EPSS

CVE•added 2022/07/12 9:15 p.m.•57 views

CVE-2022-35172

6.1CVSS5.9AI score0.00337EPSS

CVE•added 2022/07/12 9:15 p.m.•53 views

CVE-2022-35225

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on con...

6.1CVSS5.9AI score0.00337EPSS

CVE•added 2022/07/12 9:15 p.m.•52 views

CVE-2022-35170

SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on con...

6.1CVSS5.9AI score0.00337EPSS

CVE•added 2022/07/12 9:15 p.m.•51 views

CVE-2022-32247

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User inputs while interacting on the Network. On successful exploitation, an attacker can view or modify ...

6.1CVSS6.2AI score0.01856EPSS

CVE•added 2021/09/14 12:15 p.m.•40 views

CVE-2021-21489

SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user related data, resulting in Stored Cross-Site Scripting (XSS) vulnerability. This would allow an attacker with administrative privileges to store a malicious script on the portal. T...

4.8CVSS4.8AI score0.00237EPSS