CVE-2020-6184

Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:7.50:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:7.51:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:7.52:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:7.53:*:*:*:*:*:*:*
cpe:2.3:a:sap:s\/4hana:7.54:*:*:*:*:*:*:*

Information

Published : 2020-02-12 12:15

Updated : 2020-02-19 12:07


NVD link : CVE-2020-6184

Mitre link : CVE-2020-6184


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

sap

  • s\/4hana
  • netweaver