Cross-Site Scripting Vulnerability in SAP Wily Introscope Enterprise Manager
CVE-2026-44757

4.7MEDIUM

Key Information:

Vendor

SAP

Vendor
CVE Published:
9 June 2026

What is CVE-2026-44757?

SAP Wily Introscope Enterprise Manager is vulnerable to a cross-site scripting (XSS) issue that permits an unauthenticated attacker to create a malicious URL. If a user accesses this URL, it could allow the attacker to execute arbitrary scripts in the user's browser within the context of the application. This security flaw raises concerns regarding potential unauthorized actions by attackers, though it poses minimal risks to data confidentiality and integrity.

Affected Version(s)

SAP Wily Introscope Enterprise Manager WILY_INTRO_ENTERPRISE 10.8

References

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.