CVE-2024-45279
published 2024-09-10CVE-2024-45279: Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |
| sap_se | sap_netweaver_application_server_for_abap | — | — |