CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-47594

SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link, confidentiality and integrity of their web browser session could be compromised.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.0%

CVSS Severity

CVSS v3 Score 5.4

References

https://me.sap.com/notes/3503462
https://url.sap/sapsecuritypatchday

Products affected by CVE-2024-47594

Sap » Netweaver Enterprise Portal » Version: 7.50

cpe:2.3:a:sap:netweaver_enterprise_portal:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47594

Products

Pricing

Contact Us