Stored Cross Site Scripting Vulnerability in SAP NetWeaver AS JAVA User Admin Application
CVE-2025-0057

Currently unrated

Key Information:

Vendor: SAP
Vendor: CVE Published:; 14 January 2025

What is CVE-2025-0057?

The SAP NetWeaver AS JAVA User Admin Application is susceptible to a stored cross site scripting vulnerability. This security flaw allows an attacker, acting as an administrator, to upload images containing malicious JavaScript code. When an innocent user visits the affected component, the embedded code can execute, enabling the attacker to read and potentially manipulate sensitive information within the victim's web session.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://me.sap.com/notes/3514421

https://url.sap/sapsecuritypatchday

Timeline

Vulnerability published
Jan 14, 2025

JSON

SAP

What is CVE-2025-0057?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.