CVE-2020-6324
published 2020-09-09CVE-2020-6324: SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the victim clicks on this URL, the attacker can read, modify the information available in the victim�s browser leading to Reflected Cross Site Scripting.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap | netweaver_as_abap_business_server_pages | — | — |
| sap_se | sap_netweaver_as_abap | < 700 | 700 |
| sap_se | sap_netweaver_as_abap | < 701 | 701 |
| sap_se | sap_netweaver_as_abap | < 702 | 702 |
| sap_se | sap_netweaver_as_abap | < 730 | 730 |
| sap_se | sap_netweaver_as_abap | < 731 | 731 |
| sap_se | sap_netweaver_as_abap | < 740 | 740 |
| sap_se | sap_netweaver_as_abap | < 750 | 750 |
| sap_se | sap_netweaver_as_abap | < 751 | 751 |
| sap_se | sap_netweaver_as_abap | < 752 | 752 |
| sap_se | sap_netweaver_as_abap | < 753 | 753 |
| sap_se | sap_netweaver_as_abap | < 754 | 754 |
| sap_se | sap_netweaver_as_abap | < 755 | 755 |