CVE-2014-4160

Currently unrated

Key Information:

Vendor: SAP
Status: Netweaver Business Client
Vendor: CVE Published:; 13 June 2014

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas node in SAP NetWeaver Business Client (NWBC) allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) sap-accessibility parameter.

References

http://www.securityfocus.com/bid/67995

vdb-entryx_refsource_BID

http://blog.emaze.net/2014/05/sap-multiple-vulnerabilitie...

x_refsource_MISC

http://scn.sap.com/docs/DOC-8218

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 13, 2014
Vulnerability Reserved
Jun 13, 2014