Cross-Site Scripting (XSS) Vulnerabilities in SAP NetWeaver Business Client (NWBC) Testcanvas Node

Cross-Site Scripting (XSS) Vulnerabilities in SAP NetWeaver Business Client (NWBC) Testcanvas Node

CVE-2014-4160 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas node in SAP NetWeaver Business Client (NWBC) allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) sap-accessibility parameter.

Learn more about our Web App Pen Testing.