CVE-2020-6184

Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability.
References
Configurations

Configuration 1

cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:s/4hana:7.50:*:*:*:*:*:*:*
cpe:2.3:a:sap:s/4hana:7.51:*:*:*:*:*:*:*
cpe:2.3:a:sap:s/4hana:7.53:*:*:*:*:*:*:*
cpe:2.3:a:sap:s/4hana:7.54:*:*:*:*:*:*:*
cpe:2.3:a:sap:s/4hana:7.52:*:*:*:*:*:*:*

Information

Published : 2020-02-12 08:15

Updated : 2020-02-19 08:07


NVD link : CVE-2020-6184

Mitre link : CVE-2020-6184

Products Affected
No products.
CWE