Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
CVE-2023-33985
6.1MEDIUM
What is CVE-2023-33985?
SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
Affected Version(s)
SAP NetWeaver Enterprise Portal 7.50