Security Advisory

CVE-2025-42990

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-10 00:12:33

Last updated 2025-06-10 15:15:39

Assigner sap

State PUBLISHED

Description

Unprotected SAPUI5 applications allow an attacker with basic privileges to inject malicious HTML code into a webpage, with the goal of redirecting users to the attacker controlled URL. This issue could impact the integrity of the application. Confidentiality or Availability are not impacted.

← Browse all CVEs View on cve.org ↗