SAP NetWeaver Enterprise Portal Cross-Site Scripting Vulnerability (CNVD-2022-56964)

SAP NetWeaver Enterprise Portal is a Web front-end component of SAP NetWeaver. Versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 contain a cross-site scripting vulnerability that stems from a failure to adequately encode user input via web control, which could be exploited by an attacker to execute JavaScript code on the client side.