Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP NetWeaver AS JAVA Visual Composer VC70RUNTIME组件安全漏洞
Vulnerability Description
SAP NetWeaver是德国思爱普(SAP)公司的一套面向服务的集成化应用平台,该平台可为SAP应用提供开发和运行环境。SAP NetWeaver AS(Application Server)Java是一款运行于NetWeaver中且基于Java编程语言的应用服务器。Visual Composer VC70RUNTIME是其中的一个可视化编辑组件。 SAP NetWeaver AS JAVA 7.5 版本中的Visual Composer VC70RUNTIME组件存在XML外部实体注入漏洞。远程攻击
CVSS Information
N/A
Vulnerability Type
N/A