SAP NetWeaver Portal is a component of the SAP NetWeaver architecture from SAP Germany. cross-site scripting vulnerabilities exist in SAP NetWeaver Portal versions 7.30, 7.31, 7.40 and 7.50, which stem from a failure to adequately validate user-controlled input. An attacker could exploit the vulnerability to execute arbitrary scripting code that could lead to the theft or modification of a userβs authentication information, such as data related to the userβs current session.