Unrated severityNVD Advisory· Published Jun 14, 2022· Updated Aug 3, 2024
CVE-2022-29618
CVE-2022-29618
Description
Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
Affected products
2- Range: =7.30, 7.31, 7.40, 7.50
- SAP SE/SAP NetWeaver Development Infrastructure (Design Time Repository)v5Range: 7.30
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.