CVE-2025-42945
HTML Injection vulnerability in SAP NetWeaver Application Server ABAP
SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker could craft a URL with malicious script as payload and trick a victim with active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or its manipulation. There is no impact on availability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
SAP_SE · SAP NetWeaver Application Server ABAP¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →