Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP NetWeaver Portal ReportXmlViewer XML外部实体漏洞
Vulnerability Description
SAP NetWeaver是德国思爱普(SAP)公司的一套面向服务的集成化应用平台,它可为SAP应用提供开发和运行环境。SAP NetWeaver Portal是其中的一套门户网站解决方案,它通过Web浏览器提供单点登录信息进行身份验证。 SAP NetWeaver Portal 7.31.201109172004版本的ReportXmlViewer中存在XML外部实体漏洞。远程攻击者可借助特制的XML文档利用该漏洞向内网服务器发送请求。
CVSS Information
N/A
Vulnerability Type
N/A