SAP NetWeaver (Design Time Repository) Security Vulnerabilities
SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this...
6.4CVSS
5.3AI Score
0.001EPSS
Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the userβs browser. On successful exploitation, an attacker can view or...
6.1CVSS
6.3AI Score
0.001EPSS
SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)...
4.8CVSS
4.9AI Score
0.001EPSS