SAP : Security Vulnerabilities, CVEs, Published In 2009 (XSS)

CVE-2008-3358

Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.
Max CVSS
4.3
EPSS Score
0.31%
Published
2009-01-28
Updated
2018-10-11

CVE-2009-2932

Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field.
Max CVSS
4.3
EPSS Score
0.33%
Published
2009-08-21
Updated
2018-10-10
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close