SAP NetWeaver Application Server ABAP
0 remedies
cpe:2.3:a:sap:netweaver_application_server_abap:*:*:*:*:*:*:*, +1 more
0 remedies
SAP NetWeaver Application Server ABAP Open Redirect Vulnerability Allowing Cross-Site Scripting
Vulnerability
An open redirect vulnerability has been identified in SAP NetWeaver Application Server ABAP. This vulnerability allows an unauthenticated attacker to create a URL that includes a malicious script, which is not properly sanitized. When a victim clicks on the link, the script executes in their browser, redirecting them to an attacker-controlled site. This exploitation could lead to unauthorized access or modification of restricted information related to the web client. While there is no impact on data availability, the vulnerability significantly risks confidentiality and integrity.
Impact
Exploitation of this vulnerability could result in cross-site scripting, allowing an attacker to execute scripts in the context of the victim's browser.
Remediation
Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP for Me platform, specifically during the monthly SAP Security Patch Day.
Added: Jul 8, 2025, 1:26 AM
Updated: Jul 8, 2025, 1:26 AM
Vulnerability Rating
Custom Algorithm
spread
6.2impact
5.4exploitability
6.4remediation
0.0relevance
0.2threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.