Insufficient XML Validation in SAML 2.0 Functionality in SAP NetWeaver AS Java
CVE-2018-2492 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.
Learn more about our Web Application Penetration Testing UK.