CVE-2020-6370

Published: Oct 20, 2020Modified: Nov 21, 2024

4.8

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Exploitability: 1.7 / Impact: 2.7

Source: NVD

Description

SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Affected (5)

Products: Sap: Netweaver Design Time Repository

Sap

1 product

Netweaver Design Time Repository

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Sap Netweaver Design Time Repository	Version 7.11
Sap Netweaver Design Time Repository	Version 7.30
Sap Netweaver Design Time Repository	Version 7.31
Sap Netweaver Design Time Repository	Version 7.40
Sap Netweaver Design Time Repository	Version 7.50