VYPR
Unrated severityNVD Advisory· Published Dec 12, 2022· Updated Apr 22, 2025

CVE-2022-41262

CVE-2022-41262

Description

Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.