CVE-2014-1964CVE-2014-1964

Affected configuration(s):

cpe:/a:sap:netweaver:-
cpe:/a:sap:netweaver_exchange_infrastructure_%28bc-xi%29:-

Date published: 2014-02-14T10:55:07.563-05:00

Date last modified: 2017-08-28T21:34:28.780-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://erpscan.com/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/

Summary: Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.