CVE-2024-27902

CVSS V2 None CVSS V3 None
Description
Applications based on SAP GUI for HTML in SAP NetWeaver AS ABAP - versions 7.89, 7.93, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. A successful attack can allow a malicious attacker to access and modify data through their ability to execute code in a user’s browser. There is no impact on the availability of the system
Overview
  • CVE ID
  • CVE-2024-27902
  • Assigner
  • sap
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-03-12T00:45:08.794Z
  • Last Modified Date
  • 2024-06-04T17:47:26.941Z
History
Created Old Value New Value Data Type Notes
2024-06-26 01:48:24 Added to TrackCVE