Vulnerabilities > SAP > Netweaver > 7.50
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-09 | CVE-2018-2470 | Cross-site Scripting vulnerability in SAP Netweaver In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 6.1 |
2018-09-11 | CVE-2018-2464 | Cross-site Scripting vulnerability in SAP Netweaver SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability. | 6.1 |
2018-09-11 | CVE-2018-2462 | Improper Input Validation vulnerability in SAP Netweaver In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. | 8.8 |