Medium severity5.4NVD Advisory· Published Oct 8, 2024· Updated Jun 17, 2026
CVE-2024-47594
CVE-2024-47594
Description
SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link, confidentiality and integrity of their web browser session could be compromised.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: KMC-BC 7.5
Patches
Vulnerability mechanics
References
2- url.sap/sapsecuritypatchdaynvdVendor Advisory
- me.sap.com/notes/3503462nvdPermissions Required
News mentions
0No linked articles in our index yet.