SAP BSP applications
Moderate fix1 remedy
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:*:*:*:*:*:*:*
Moderate fix1 remedy
SAP BSP Applications Cross-Site Scripting Vulnerability
Vulnerability
A cross-site scripting (XSS) vulnerability has been identified in SAP BSP applications. This issue allows an unauthenticated user to inject malicious scripts through user-controlled URL parameters that are not properly sanitized. When a victim accesses a manipulated URL, the injected script executes in the victim's browser. This vulnerability has a low impact on confidentiality and integrity, with no effect on the application's availability.
Impact
Exploitation of this vulnerability allows for cross-site scripting, where injected scripts are executed in the context of the victim's browser.
Remediation
Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform.
Added: Feb 10, 2026, 5:39 AM
Updated: Feb 10, 2026, 5:39 AM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
0.4exploitability
5.8remediation
6.0relevance
2.7threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.