Vulnerabilities > SAP > Java AS > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-04-14 CVE-2016-4016 Cross-site Scripting vulnerability in SAP Java AS 7.4
Cross-site scripting (XSS) vulnerability in SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) 15 allows remote attackers to inject arbitrary web script or HTML via the title parameter to webdynpro/resources/sap.com/xapps~xmii~ui~admin~navigation/NavigationApplication, aka SAP Security Note 2201295.
network
low complexity
sap CWE-79
6.1