Date published: 2014-02-14T10:55:07.563-05:00
Date last modified: 2017-08-28T21:34:28.780-04:00
CVSS Score: 4.3
Principal attack vector: NETWORK
Reference URL: http://erpscan.com/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/
Summary: Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.