CVE-2020-6205
published 2020-03-10CVE-2020-6205: SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS versions- 7.00, 7.01, 7.02, 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, 7.51, 7.52, 7.53, 7.54…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS versions- 7.00, 7.01, 7.02, 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, 7.51, 7.52, 7.53, 7.54; does not sufficiently encode user controlled inputs, allowing an unauthenticated attacker to non-permanently deface or modify displayed content and/or steal authentication information of the user and/or impersonate the user and access all information with the same rights as the target user, leading to Reflected Cross Site Scripting Vulnerability.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.00 | 7.00 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.01 | 7.01 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.02 | 7.02 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.10 | 7.10 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.11 | 7.11 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.30 | 7.30 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.31 | 7.31 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.40 | 7.40 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.50 | 7.50 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.51 | 7.51 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.52 | 7.52 |
| sap_se | sap_netweaver_application_server_abap_sap_basis | < 7.53 | 7.53 |