VYPR
Unrated severityNVD Advisory· Published Jan 9, 2024· Updated Jun 3, 2025

Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform

CVE-2024-21738

Description

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.