CVE-2025-42901
Code Injection vulnerability in SAP Application Server for ABAP (BAPI Browser)
SAP Application Server for ABAP allows an authenticated attacker to store malicious JavaScript payloads which could be executed in victim user's browser when accessing the affected functionality of BAPI explorer. This has low impact on confidentiality and integrity with no impact on availability of the application.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Produtos afetados
SAP_SE · SAP Application Server for ABAP (BAPI Browser)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →