Vulnerabilities > SAP > Netweaver Application Server Abap > 7.85
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-13 | CVE-2022-35294 | Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users resulting in a stored Cross-Site-Scripting attack. | 5.4 |
2022-09-13 | CVE-2022-39799 | Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. | 6.1 |
2022-02-09 | CVE-2022-22536 | HTTP Request Smuggling vulnerability in SAP products SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. | 10.0 |