Skip links

Security Note Cross Site scripting in System Info NWA, SAP security note 1169367

Description

System Info in NWA is not escaping some special characters.

Available fix and Supported packages

  • LM-CORE | 7.00 | 7.00
  • LM-CORE | 7.10 | 7.10
  • SAP-JEE | 6.40 | 6.40
  • SAP-JEE | 7.00 | 7.01

Affected component

    BC-JAS-ADM-ADM
    Administration

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1169367

TAGS

#There-is-a-risk-of-cross-site-scripting-through-System-Info-in-NWA.