Sap: >> Netweaver Application Server Abap >> sap_basis_702 Security Vulnerabilities
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-08-13
SAP NetWeaver Application Server ABAP allows
an unauthenticated attacker to craft a URL link that could bypass allowlist
controls. Depending on the web applications provided by this server, the
attacker might inject CSS code or links into the web application that could
allow the attacker to read or modify information. There is no impact on
availability of application.
CVSS Score
4.7
EPSS Score
0.001
Published
2024-08-13