VYPR
Unrated severityNVD Advisory· Published Apr 29, 2010· Updated Jun 16, 2026

CVE-2010-1609

CVE-2010-1609

Description

Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

3
  • SAP/Netweaver3 versions
    cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*
    • (no CPE)range: 2004 < SP21, 2004s < SP13

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.