VYPR
Unrated severityNVD Advisory· Published Mar 14, 2023· Updated Feb 27, 2025

Cross-Site Scripting (XSS) vulnerability in SAP Content Server

CVE-2023-26457

Description

SAP Content Server - version 7.53, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can read and modify some sensitive information but cannot delete the data.

Affected products

2
  • SAP/Content Serverllm-fuzzy2 versions
    =7.53+ 1 more
    • (no CPE)range: =7.53
    • (no CPE)range: 7.53

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.