SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2020-10-15T02:03:40

Updated: 2024-08-04T09:02:39.998Z

Reserved: 2020-01-08T00:00:00

Link: CVE-2020-6365

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-10-15T03:15:12.247

Modified: 2021-04-12T14:21:57.857

Link: CVE-2020-6365

cve-icon Redhat

No data.