Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SapNetweaver Portal

3 matches found

CVE
CVEadded 2021/09/15 7:15 p.m.61 views

CVE-2021-33705

The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated attacker to craft a malicious URL which when clicked by a user can make any type of request (e.g. POST, ...

8.1CVSS7.9AI score0.00691EPSS
CVE
CVEadded 2017/07/25 6:29 p.m.47 views

CVE-2017-11460

Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535.

6.1CVSS6AI score0.00233EPSS
CVE
CVEadded 2018/03/01 5:29 p.m.31 views

CVE-2018-2365

SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

6.1CVSS5.9AI score0.00313EPSS