← back
CVE-2012-1290

CVE-2012-1290

EPSS 1.2%
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://dsecrg.com/pages/vul/show.php?id=414http://secunia.com/advisories/47861https://service.sap.com/sap/support/notes/1583300http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6ahttp://www.securityfocus.com/bid/52101