Vulnerabilities > SAP > Netweaver Application Server Abap > Low

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-41728 Missing Authorization vulnerability in SAP Netweaver Application Server Abap
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package.
network
low complexity
sap CWE-862
2.7
2024-09-10 CVE-2024-44114 Incorrect Authorization vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network.
network
low complexity
sap CWE-863
2.7
2022-05-11 CVE-2022-29610 Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
network
sap CWE-79
3.5
2021-06-09 CVE-2021-33665 Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML), versions - KRNL64NUC - 7.49, KRNL64UC - 7.49,7.53, KERNEL - 7.49,7.53,7.77,7.81,7.84, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
network
sap CWE-79
3.5
2021-06-09 CVE-2021-33664 Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver Application Server ABAP (Applications based on Web Dynpro ABAP), versions - SAP_UI - 750,752,753,754,755, SAP_BASIS - 702, 731 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
network
sap CWE-79
3.5
2020-07-14 CVE-2020-6280 Unspecified vulnerability in SAP Abap Platform and Netweaver Application Server Abap
SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.
network
low complexity
sap
2.7