Vulnerabilities > CVE-2022-35298 - Unspecified vulnerability in SAP Netweaver Enterprise Portal 7.50
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
SAP NetWeaver Enterprise Portal (KMC) - version 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. KMC servlet is vulnerable to XSS attack. The execution of script content by a victim registered on the portal could compromise the confidentiality and integrity of victim’s web browser session.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |