CVE-2024-27902
CVSS V2 None
CVSS V3 None
Description
Applications based on SAP GUI for HTML in SAP NetWeaver AS ABAP - versions 7.89, 7.93, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. A successful attack can allow a malicious attacker to access and modify data through their ability to execute code in a user’s browser. There is no impact on the availability of the system
Overview
- CVE ID
- CVE-2024-27902
- Assigner
- sap
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-03-12T00:45:08.794Z
- Last Modified Date
- 2024-06-04T17:47:26.941Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-27902 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27902 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 01:48:24 | Added to TrackCVE |