SAP Netweaver AS Java Web Application 7.50 SAML 2.0 Service Provider XSS Vulnerability
CVE-2018-2371 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability.
Learn more about our Web App Pen Testing.