Описание
SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victim's web browser.
EPSS
4.8 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victim's web browser.
Уязвимость программных интеграционных платформ SAP NetWeaver AS Java, связанная с неограниченной загрузкой файлов опасного типа, позволяющая нарушителю выполнить межсайтовый скриптинг
EPSS
4.8 Medium
CVSS3