CVE-2024-45279
CVSS V2 None
CVSS V3 None
Description
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.
Overview
- CVE ID
- CVE-2024-45279
- Assigner
- sap
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-10T04:29:45.830Z
- Last Modified Date
- 2024-09-10T04:29:45.830Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://me.sap.com/notes/3501359 | |
https://url.sap/sapsecuritypatchday |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-45279 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45279 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-09-10 13:08:46 | Added to TrackCVE |