In NW04 SP21 and below and in NW04S SP08 and below SP releases, Web Dynpro applications have a security vulnerability that allows cross site scripting via Webdynpro URL parameters.
Available fix and Supported packages
- SAP_JTECHS | 6.40 | 6.40
- SAP_JTECHF | 7.00 | 7.00
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.