Описание
SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.0037
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
EPSS
Процентиль: 58%
0.0037
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79