XML Document Validation Vulnerability in SAP NetWeaver's Knowledge Management (XMLForms)

XML Document Validation Vulnerability in SAP NetWeaver's Knowledge Management (XMLForms)

CVE-2018-2477 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.

Learn more about our Web Application Penetration Testing UK.