CVE-2014-1965CVE-2014-1965

Affected configuration(s):

cpe:/a:sap:netweaver:3.0
cpe:/a:sap:netweaver:7.0
cpe:/a:sap:netweaver:7.01
cpe:/a:sap:netweaver:7.02
cpe:/a:sap:netweaver:7.10
cpe:/a:sap:netweaver:7.11

Date published: 2014-02-14T10:55:07.830-05:00

Date last modified: 2017-08-28T21:34:28.827-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://erpscan.com/advisories/erpscan-14-006-sap-netweaver-pip-xss/

Summary: Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.