CNNVD-202507-806 Information
CNNVD ID
CNNVD-202507-806
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
SAP ABAP Platform和SAP NetWeaver Application Server ABAP都是德国思爱普(SAP)公司的产品。SAP ABAP Platform是一个基于 ABAP 的 SAP 解决方案。SAP NetWeaver Application Server ABAP是一个运行和开发基于ABAP语言的应用程序的平台。 SAP NetWeaver Application Server ABAP和SAP ABAP Platform存在跨站脚本漏洞,该漏洞源于未验证攻击者可注入恶意脚本到动态URL。
Description (English)
SAP ABAP Platform and SAP NetWeaver Application Server ABAP are products of SAP Germany. SAP ABAP Platform is a SAP solution based on ABAP. SAP NetWeaver Application Server ABAP is a platform for the operation and development of applications based on the AABAP language. SAP NetWeaver Application Server ABAP and SAP ABAAP Platform have a cross-site script loophole, which stems from the fact that unverified attackers can inject malicious scripts into dynamic URLs.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
思爱普
Published
2025-07-08
Last Modified
2026-02-24
References
https://me.sap.com/notes/3596987 https://url.sap/sapsecuritypatchday
Patch
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2025.html
Share on: