Vulnerabilities > SAP > Netweaver Application Server Abap > 793
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-09 | CVE-2024-21738 | Unspecified vulnerability in SAP Netweaver Application Server Abap SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation. | 5.4 |
2023-08-08 | CVE-2023-37492 | Missing Authorization vulnerability in SAP Netweaver Application Server Abap SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 793, SAP_BASIS 804, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 6.5 |