CVE-2019-0321

ABAP Server and ABAP Platform (SAP Basis), versions, 7.31, 7.4, 7.5, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Published : 2019-07-10 19:15 Updated : 2019-07-19 12:42

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Sap Netweaver As Abap 7.4 cpe:/a:sap:netweaver_as_abap:7.4
Sap Netweaver As Abap 7.5 cpe:/a:sap:netweaver_as_abap:7.5
Sap Netweaver As Abap 7.31 cpe:/a:sap:netweaver_as_abap:7.31
  1. Sap (1) Search CVE
    1. Netweaver As Abap (3) Search CVE
      1. 7.4
      2. 7.5
      3. 7.31

CWE

ID Name Description Links
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. CVE

History of changes

Date Event
2019-07-19 12:42
2019-07-10 19:55

New CVE