CVE-2023-37488 Information

Description

In SAP NetWeaver Process Integration - versions SAP_XIESR 7.50 SAP_XITOOL 7.50 SAP_XIAF 7.50 user-controlled inputs if not sufficiently encoded could result in Cross-Site Scripting (XSS) attack. On successful exploitation the attacker can cause limited impact on confidentiality and integrity of the system.

Reference

https://me.sap.com/notes/3350494 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html