Reflected Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver AS ABAP (Business Server Pages application CRM_BSP_FRAME)

Reflected Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver AS ABAP (Business Server Pages application CRM_BSP_FRAME)

CVE-2020-6229 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

SAP NetWeaver AS ABAP (Business Server Pages application CRM_BSP_FRAME), versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not sufficiently encode user controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.

Learn more about our Cis Benchmark Audit For Server Software.