Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in Reflected Cross-Site Scripting (XSS) vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2021-08-10T14:08:06
Updated: 2024-08-03T23:58:22.542Z
Reserved: 2021-05-28T00:00:00
Link: CVE-2021-33703
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-08-10T15:15:08.027
Modified: 2024-11-21T06:09:24.393
Link: CVE-2021-33703
Redhat
No data.