Reflected Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver AS ABAP

Reflected Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver AS ABAP

CVE-2020-26835 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754 , does not sufficiently encode URL which allows an attacker to input malicious java script in the URL which could be executed in the browser resulting in Reflected Cross-Site Scripting (XSS) vulnerability.

Learn more about our Web Application Penetration Testing UK.