Primary

Context

SAP NetWeaver Application Server ABAP Open Redirect Vulnerability

Vulnerability

An open redirect vulnerability has been identified in SAP NetWeaver Application Server ABAP. This vulnerability allows an unauthenticated attacker to create a malicious URL that, when accessed by a victim, can redirect them to a page controlled by the attacker. The vulnerability has a low impact on the application's confidentiality and integrity, with no effect on availability.

Impact

Exploitation of this vulnerability could lead to unauthorized redirection of users to potentially malicious sites, controlled by the attacker.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, specifically on the SAP Security Patch Day.

Added: Apr 14, 2026, 1:26 AM

Updated: Apr 14, 2026, 1:26 AM

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

0.2

exploitability

6.2

remediation

0.0

relevance

5.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

0.2

exploitability

6.2

remediation

0.0

relevance

5.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP NetWeaver Application Server ABAP Open Redirect Vulnerability

Vulnerability

Impact

Remediation

Affected Products

SAP NetWeaver Application Server ABAP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating