Vulnerabilities > CVE-2023-37488 - Unspecified vulnerability in SAP Netweaver Process Integration 7.50
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
In SAP NetWeaver Process Integration - versions SAP_XIESR 7.50, SAP_XITOOL 7.50, SAP_XIAF 7.50, user-controlled inputs, if not sufficiently encoded, could result in Cross-Site Scripting (XSS) attack. On successful exploitation the attacker can cause limited impact on confidentiality and integrity of the system.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |