Security Advisory

CVE-2021-21490

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-09 13:23:40

Last updated 2024-08-03 18:16:22

Assigner sap

State PUBLISHED

Description

SAP NetWeaver AS for ABAP (Web Survey), versions - 700, 702, 710, 711, 730, 731, 750, 750, 752, 75A, 75F, does not sufficiently encode input and output parameters which results in reflected cross site scripting vulnerability, through which a malicious user can access data relating to the current session and use it to impersonate a user and access all information with the same rights as the target user.

← Browse all CVEs View on cve.org ↗