CNNVD-202511-1302 Information

CNNVD ID

CNNVD-202511-1302

Related CVE

CVE-2025-42886

• CNNVD Published: 2025-11-11

Description (Chinese)

SAP Business Connector是德国思爱普（SAP）公司的一种中间件。 SAP Business Connector存在跨站脚本漏洞，该漏洞源于反射型跨站脚本漏洞，可能导致攻击者访问或修改受害者浏览器范围内的信息。

Description (English)

SAP Business Contractor is an intermediate of SAP in Germany. SAP Business Contractor has a cross-site script loophole, which results from a reflector-type cross-site script loophole, which may lead to the attackers visiting or modifying information within the victim browser.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

思爱普

Published

2025-11-11

Last Modified

2026-02-24

References

https://me.sap.com/notes/3665907 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42886

Patch

https://url.sap/sapsecuritypatchday