VYPR
Unrated severityNVD Advisory· Published Feb 12, 2020· Updated Aug 4, 2024

CVE-2020-6184

CVE-2020-6184

Description

Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability.

Affected products

3
  • SAP/Netweaverllm-fuzzy
    Range: 7.40
  • SAP/S/4HANAllm-fuzzy
    Range: 7.50, 7.51, 7.52, 7.53, 7.54
  • SAP SE/Automated Note Search Tool (SAP Basis)v5
    Range: < 7.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.