CVE-2018-2365
published 2018-03-01CVE-2018-2365: SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS)…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | netweaver_portal | — | — |
| sap | netweaver_portal | — | — |
| sap | netweaver_portal | — | — |
| sap | netweaver_portal | — | — |
| sap_se | sap_netweaver_portal_webdynpro_runtime | — | — |
| sap_se | sap_netweaver_portal_webdynpro_runtime | — | — |
| sap_se | sap_netweaver_portal_webdynpro_runtime | — | — |
| sap_se | sap_netweaver_portal_webdynpro_runtime | — | — |