Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform
CVE-2024-21738 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.
Learn more about our Cis Benchmark Audit For Server Software.