SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing JavaScript, leading to Stored Cross-Site Scripting.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2020-09-09T12:43:03
Updated: 2024-08-04T08:55:22.450Z
Reserved: 2020-01-08T00:00:00
Link: CVE-2020-6313
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-09-09T13:15:11.830
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-6313
Redhat
No data.