SAP : Security Vulnerabilities, CVEs, Published In 2009 (XSS)
Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.
Max CVSS
4.3
EPSS Score
0.31%
Published
2009-01-28
Updated
2018-10-11
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field.
Max CVSS
4.3
EPSS Score
0.33%
Published
2009-08-21
Updated
2018-10-10
2 vulnerabilities found