SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. When a victim clicks on this link, the script executes in the victim's browser, allowing the attacker to access and/or modify information related to the web client without affecting availability.

SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. When a victim clicks on this link, the script executes in the victim's browser, allowing the attacker to access and/or modify information related to the web client without affecting availability.

Уязвимость программного обеспечения разработки и выполнения приложений на языке ABAP SAP NetWeaver Application Server ABAP (BIC Document), позволяющая нарушителю проводить межсайтовые сценарные атаки и получить несанкционированный доступ к защищаемой информации