Unrated severityNVD Advisory· Published Jan 9, 2024· Updated Jun 3, 2025
Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Application Server and ABAP Platform
CVE-2024-21738
Description
SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.
Affected products
3- Range: SAP_BASIS 700
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.