Multiple XSS Vulnerabilities in SAP NetWeaver Business Client
CVE-2014-4160

Currently unrated

Key Information:

Vendor

SAP
Status
Netweaver Business Client
Vendor
CVE Published:
13 June 2014

What is CVE-2014-4160?

The SAP NetWeaver Business Client contains multiple cross-site scripting vulnerabilities within the testcanvas node. These flaws enable remote attackers to execute arbitrary web scripts or HTML by exploiting the title or sap-accessibility parameters, potentially compromising user data and application integrity. Proper input validation and output encoding measures are crucial to mitigate such risks and secure web applications effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/67995
vdb-entryx_refsource_BID
http://blog.emaze.net/2014/05/sap-multiple-vulnerabilitie...
x_refsource_MISC
http://scn.sap.com/docs/DOC-8218
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.