2025-08-12 02:10:00
sap
PUBLISHED
SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. When a victim clicks on this link, the script executes in the victims browser, allowing the attacker to access and/or modify information related to the web client without affecting availability.