Description
SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server response and executed in a user's browser when the crafted URL is visited, leading to theft of session information, manipulation of portal content, or user redirection, resulting in a low impact on the application's confidentiality and integrity, with no impact on availability.
Published: 2026-01-13
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Scripting reflected in URL parameters
Action: Assess Impact
AI Analysis

Impact

An unauthenticated attacker can craft a URL that injects malicious JavaScript into a parameter processed by SAP NetWeaver Enterprise Portal. The script is reflected back in the server response and executed in the victim’s browser when the URL is visited, allowing the attacker to steal session data, alter portal content, or redirect the user. The impact is limited to confidentiality and integrity of the application, with no effect on availability, as described by the vendor.

Affected Systems

All installations of SAP NetWeaver Enterprise Portal are affected. No specific version range is supplied in the advisory, so all releases of the product should be considered potentially vulnerable until a patch is issued.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate risk, and the EPSS score of less than 1% suggests very low probability of real‑world exploitation at present. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is an unauthenticated attacker sending the crafted URL to a legitimate user; the user must open or click the link in a web browser for the script to run. No additional attacker privileges or network conditions are required beyond access to the public web interface.

Generated by OpenCVE AI on April 18, 2026 at 06:50 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Validate or encode all URL parameters to prevent reflection of arbitrary scripts
  • Implement a Content Security Policy that restricts inline script execution
  • Ensure session cookies are marked HttpOnly and Secure, and consider moving to token‑based authentication to limit credential theft risk
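
The three recommended actions above, worked through as an added example in Python (this is not code from the OpenCVE page, from SAP, or from the advisory; the portal stack itself is Java). It contrasts raw reflection of a URL parameter with context-aware output encoding, emits a Content Security Policy that blocks inline script, sets the cookie flags named above, and restricts redirect targets to same-site paths. The function names, the cookie name JSESSIONID, and the value "CONSTRUCTED_SESSION_ID" are hypothetical placeholders; the probe string is constructed for the demonstration.

```python
# Added example, not the page's or SAP's code. Function names, the cookie name
# and the session value below are hypothetical placeholders.
import html
from urllib.parse import quote, urlsplit


def encode_for_html_body(value: str) -> str:
    """Encode untrusted text for HTML element content or a quoted attribute:
    <, >, &, " and ' all become entities, so a reflected value cannot open a tag."""
    return html.escape(value, quote=True)


def encode_for_url_component(value: str) -> str:
    """Percent-encode untrusted text placed inside a generated URL (e.g. a query
    value in a 'search again' link); nothing outside the unreserved set survives."""
    return quote(value, safe="")


def render_search_page(query: str, encode: bool = True) -> str:
    """Render a page that reflects the 'q' URL parameter back to the user.
    encode=False reproduces the vulnerable pattern (raw reflection) for comparison;
    encode=True is the fixed version using the two context-specific encoders."""
    shown = encode_for_html_body(query) if encode else query
    link_value = encode_for_url_component(query) if encode else query
    return (
        "<html><body>"
        f"<p>Results for: {shown}</p>"
        f'<a href="/search?q={link_value}">Search again</a>'
        "</body></html>"
    )


def is_safe_local_redirect(target: str) -> bool:
    """Accept only same-site, root-relative paths as redirect targets so that a
    reflected parameter cannot send the user to another origin."""
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:      # rejects https://..., javascript:..., //host
        return False
    # Some browsers treat "/\host" as a host, so backslashes are rejected as well.
    return target.startswith("/") and not target.startswith("//") and "\\" not in target


def security_headers(session_id: str) -> dict:
    """Response headers implementing the CSP and cookie-flag recommendations."""
    csp = "; ".join([
        "default-src 'self'",
        "script-src 'self'",       # no 'unsafe-inline': reflected inline script is not executed
        "object-src 'none'",
        "base-uri 'self'",
        "frame-ancestors 'self'",
    ])
    # Secure: HTTPS only. HttpOnly: not readable by script. SameSite: limits cross-site sends.
    cookie = f"JSESSIONID={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax"
    return {"Content-Security-Policy": csp, "Set-Cookie": cookie}


if __name__ == "__main__":
    probe = '"><b>injected</b>'  # constructed input containing a quote and a tag
    print("raw reflection:    ", render_search_page(probe, encode=False))
    print("encoded reflection:", render_search_page(probe))
    for target in ("/irj/portal", "//evil.example/", "https://evil.example/"):
        print(f"redirect {target!r} allowed: {is_safe_local_redirect(target)}")
    for name, value in security_headers("CONSTRUCTED_SESSION_ID").items():
        print(f"{name}: {value}")
```

The two encoders are deliberately separate: entity encoding is correct for HTML text and attribute values, while a value that lands inside a URL needs percent-encoding, and applying the wrong one for the context is a common reason a "fixed" reflection is still exploitable.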

Advisories

No advisories yet.

History

Tue, 13 Jan 2026 15:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 13 Jan 2026 09:30:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Sap; Sap netweaver Enterprise Portal
Vendors & Products                     Sap; Sap netweaver Enterprise Portal

Tue, 13 Jan 2026 01:45:00 +0000

Type          Values Removed   Values Added
Description                    SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server response and executed in a user's browser when the crafted URL is visited, leading to theft of session information, manipulation of portal content, or user redirection, resulting in a low impact on the application's confidentiality and integrity, with no impact on availability.
Title                          Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
Weaknesses                     CWE-79
References
Metrics                        cvssV3_1: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: sap

Published:

Updated: 2026-01-13T14:47:20.849Z

Reserved: 2025-12-09T22:06:40.557Z

Link: CVE-2026-0499

Vulnrichment

Updated: 2026-01-13T14:47:18.313Z

NVD

Status : Deferred

Published: 2026-01-13T02:15:52.467

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-0499

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T07:00:11Z

Weaknesses