Vulnerability Details CVE-2020-6324
SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the victim clicks on this URL, the attacker can read, modify the information available in the victim�s browser leading to Reflected Cross Site Scripting.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2020-6324
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:700
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:701
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:702
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:730
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:731
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:740
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:750
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:751
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:752
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:753
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:754
-
cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:755