CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-42956

SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, injected input data will be used by the web site page generation to create content which when executed in the victim's browser leading to low impact on Confidentiality and Integrity with no effect on Availability of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.7%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2025-42956

Sap » Sap Basis » Version: 700

cpe:2.3:a:sap:sap_basis:700
Sap » Sap Basis » Version: 701

cpe:2.3:a:sap:sap_basis:701
Sap » Sap Basis » Version: 702

cpe:2.3:a:sap:sap_basis:702
Sap » Sap Basis » Version: 731

cpe:2.3:a:sap:sap_basis:731
Sap » Sap Basis » Version: 740

cpe:2.3:a:sap:sap_basis:740
Sap » Sap Basis » Version: 750

cpe:2.3:a:sap:sap_basis:750
Sap » Sap Basis » Version: 751

cpe:2.3:a:sap:sap_basis:751
Sap » Sap Basis » Version: 752

cpe:2.3:a:sap:sap_basis:752
Sap » Sap Basis » Version: 753

cpe:2.3:a:sap:sap_basis:753
Sap » Sap Basis » Version: 754

cpe:2.3:a:sap:sap_basis:754
Sap » Sap Basis » Version: 755

cpe:2.3:a:sap:sap_basis:755
Sap » Sap Basis » Version: 756

cpe:2.3:a:sap:sap_basis:756
Sap » Sap Basis » Version: 757

cpe:2.3:a:sap:sap_basis:757
Sap » Sap Basis » Version: 758

cpe:2.3:a:sap:sap_basis:758
Sap » Sap Basis » Version: 816

cpe:2.3:a:sap:sap_basis:816

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-42956

Products

Pricing

Contact Us