CNNVD-202512-1499 Information
Dec 09, 2025
cve
CNNVD ID
CNNVD-202512-1499
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
SAP NetWeaver Enterprise Portal是德国思爱普(SAP)公司的一个 SAP NetWeaver的 Web 前端组件。 SAP NetWeaver Enterprise Portal存在安全漏洞,该漏洞源于跨站脚本攻击可导致会话cookie和令牌等敏感信息泄露,对机密性和完整性影响较低。
Description (English)
SAP NetWeaver Enterprise Portal is a Swedish front-end component of SAP NetWeaver of SAP Germany. The security gap in SAP NetWeaver Enterprise Portal stems from the fact that cross-site scrip attacks can lead to the disclosure of sensitive information, such as conversations cookies and tokens, with a low impact on confidentiality and integrity.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
思爱普
Published
2025-12-09
Last Modified
2026-02-24
References
https://me.sap.com/notes/3662622 https://url.sap/sapsecuritypatchday
Patch
https://url.sap/sapsecuritypatchday
Share on: