Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Security Note Cross Site scripting in System Info NWA, SAP security note 1169367

Description

System Info in NWA is not escaping some special characters.

Available fix and Supported packages

  • LM-CORE | 7.00 | 7.00
  • LM-CORE | 7.10 | 7.10
  • SAP-JEE | 6.40 | 6.40
  • SAP-JEE | 7.00 | 7.01

Affected component

    BC-JAS-ADM-ADM
    Administration

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1169367

TAGS

#There-is-a-risk-of-cross-site-scripting-through-System-Info-in-NWA.

More to explorer