Security Advisory

CVE-2025-0057

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-14 00:08:50

Last updated 2025-01-14 15:01:00

Assigner sap

State PUBLISHED

Description

SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victims web browser.

← Browse all CVEs View on cve.org ↗