Security Advisory

CVE-2022-29618

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-14 18:35:37

Last updated 2024-08-03 06:26:06

Assigner sap

State PUBLISHED

Description

Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

← Browse all CVEs View on cve.org ↗