Insufficient URL Validation in SAP NetWeaver ABAP Server and ABAP Platform Allows for User Redirection to Malicious Sites

Insufficient URL Validation in SAP NetWeaver ABAP Server and ABAP Platform Allows for User Redirection to Malicious Sites

CVE-2022-41215 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.

Learn more about our Cis Benchmark Audit For Server Software.