Sap Netweaver vulnerabilities
2 known vulnerabilities affecting sap/sap_netweaver.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2018-2476MEDIUMCVSS 6.1v= 7.30v= 7.31+1 more2018-11-13
CVE-2018-2476 [MEDIUM] CWE-601 CVE-2018-2476: Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker
Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site.
cvelistv5nvd
CVE-2018-2434MEDIUMCVSS 4.3v= 1.0v= 7.02018-07-10
CVE-2018-2434 [MEDIUM] CWE-345 CVE-2018-2434: A content spoofing vulnerability in the following components allows to render html pages containing
A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.5
cvelistv5nvd