CVE-2014-9569

Currently unrated

Key Information:

Vendor: SAP
Status: Netweaver Business Client For Html
Vendor: CVE Published:; 7 January 2015

Summary

Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver Business Client (NWBC) for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) roundtrips parameter, aka SAP Security Note 2051285.

References

http://secunia.com/advisories/62017

third-party-advisoryx_refsource_SECUNIA

http://www.senseofsecurity.com.au/advisories/SOS-14-005

x_refsource_MISC

http://www.securitytracker.com/id/1031509

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jan 7, 2015
Vulnerability Reserved
Jan 7, 2015