N/A

Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.

N/A

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

SAP Netweaver 跨站脚本漏洞

SAP Netweaver是德国思爱普（SAP）公司的一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。 SAP Netweaver存在跨站脚本漏洞，该漏洞源于攻击者可利用该漏洞可以制作一个恶意链接并将其发送给受害者。

N/A

N/A