CVE-2022-27656

The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Configurations

Configuration 1

cpe:2.3:a:sap:netweaver_as_abap_krnl64uc:8.04:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_krnl64uc:7.22ext:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_krnl64uc:7.49:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_krnl64uc:7.53:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_krnl64uc:7.22:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.22:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:8.04:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.49:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.53:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.77:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.81:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.85:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.86:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_as_abap_kernel:7.87:*:*:*:*:*:*:*
cpe:2.3:a:sap:webdispatcher:7.49:*:*:*:*:*:*:*
cpe:2.3:a:sap:webdispatcher:7.53:*:*:*:*:*:*:*
cpe:2.3:a:sap:webdispatcher:7.77:*:*:*:*:*:*:*
cpe:2.3:a:sap:webdispatcher:7.81:*:*:*:*:*:*:*
cpe:2.3:a:sap:webdispatcher:7.83:*:*:*:*:*:*:*
cpe:2.3:a:sap:webdispatcher:7.85:*:*:*:*:*:*:*
cpe:2.3:a:sap:webdispatcher:7.22ext:*:*:*:*:*:*:*

Information

Published : 2022-05-11 03:15

Updated : 2022-05-19 05:49


NVD link : CVE-2022-27656

Mitre link : CVE-2022-27656

Products Affected
No products.
CWE