Vulnerabilities > CVE-2022-39799 - Unspecified vulnerability in SAP Netweaver Application Server Abap
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |