CVE-2022-29610

2022-05-1114:56:23

CWE-79

sap

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.

CNA Affected

[
  {
    "product": "SAP NetWeaver Application Server ABAP",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "753"
      },
      {
        "status": "affected",
        "version": "754"
      },
      {
        "status": "affected",
        "version": "755"
      },
      {
        "status": "affected",
        "version": "756"
      }
    ]
  }
]