SAP NetWeaver Enterprise Portal Vulnerability Exposes Users to Script Injection
CVE-2026-44759
6.1MEDIUM
What is CVE-2026-44759?
A security issue in SAP NetWeaver Enterprise Portal enables unauthenticated attackers to inject harmful scripts via URL parameters. When users access the maliciously crafted URL, the scripts are executed within their browsers. This leads to potential theft of sensitive session information and manipulation of the portal's content, posing risks to user data integrity and privacy. No impact on application availability is noted.
Affected Version(s)
SAP NetWeaver Enterprise Portal EP-RUNTIME 7.50