Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-mc4p-q6wc-4cwx

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.

Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.

Ссылки

EPSS

Процентиль: 71%
0.00666
Низкий

CVE ID

CVE-2021-33703

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2021-33703

CVSS3: 6.1
nvd
больше 4 лет назад

Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.

EPSS

Процентиль: 71%
0.00666
Низкий

CVE ID

CVE-2021-33703

Дефекты

CWE-79