Reflected Cross-Site Scripting Vulnerability in SAP NetWeaver Enterprise Portal
CVE-2022-35172
6.1MEDIUM
What is CVE-2022-35172?
The SAP NetWeaver Enterprise Portal is susceptible to a reflected Cross-Site Scripting (XSS) vulnerability due to inadequate encoding of user-controlled inputs. This flaw may allow attackers to execute arbitrary scripts in the context of other users' sessions, potentially compromising sensitive data and application integrity. This highlights the importance of securely handling user inputs and implementing robust output encoding mechanisms within web applications.
Affected Version(s)
SAP NetWeaver Enterprise Portal 7.10
SAP NetWeaver Enterprise Portal 7.11
SAP NetWeaver Enterprise Portal 7.20