CVE-2025-0057
Cross-Site Scripting vulnerability in SAP NetWeaver AS JAVA (User Admin Application)
SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victim's web browser.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Productos afectados
SAP_SE · SAP NetWeaver AS JAVA (User Admin Application)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →