Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2021-08-10T14:08:06

Updated: 2024-08-03T23:58:22.542Z

Reserved: 2021-05-28T00:00:00

Link: CVE-2021-33703

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-10T15:15:08.027

Modified: 2024-11-21T06:09:24.393

Link: CVE-2021-33703

cve-icon Redhat

No data.