CVE-2020-6326

SAP NetWeaver (Knowledge Management), version-7.30,7.31,7.40,7.50, allows an authenticated attacker to create malicious links in the UI, when clicked by victim, will execute arbitrary java scripts thus extracting or modifying information otherwise restricted leading to Stored Cross Site Scripting.
Configurations

Configuration 1

cpe:2.3:a:sap:netweaver_knowledge_management:7.31:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_knowledge_management:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_knowledge_management:7.50:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_knowledge_management:7.30:*:*:*:*:*:*:*

Information

Published : 2020-09-09 01:15

Updated : 2020-09-14 05:49


NVD link : CVE-2020-6326

Mitre link : CVE-2020-6326

Products Affected
No products.
CWE