CVE-2021-38183

UNKNOWN

Published 2021-10-12T14:04:07

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-38183. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

SAP SE

SAP NetWeaver

Affected Versions:

< 700 < 701 < 702 < 730

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-f9gf-3986-8cqm

Advisory Details

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-38183

WEB https://launchpad.support.sap.com/#/notes/3084937

WEB https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983

https://launchpad.support.sap.com/#/notes/3084937

Published: 2021-10-12T14:04:07

Last Modified: 2024-08-04T01:37:16.304Z

Copied to clipboard!

CVE-2021-38183

Expert Analysis

Description

Available Exploits

Related News

Affected Products

SAP NetWeaver

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

References

References

Request Analysis

What to expect

Request Received!