Unrated severityNVD Advisory· Published Feb 12, 2013· Updated Jun 16, 2026
CVE-2011-5260
CVE-2011-5260
Description
Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.