Due to weak encoding of user-controlled input in
SAP NetWeaver Knowledge Management XMLEditor which allows malicious scripts can
be executed in the application, potentially leading to a Cross-Site Scripting
(XSS) vulnerability. This has no impact on the availability of the application
but it has a low impact on its confidentiality and integrity.
References
Configurations
No configuration.
History
No history.
Information
Published : 2024-07-09 04:15
Updated : 2024-07-09 18:19
NVD link : CVE-2024-34685
Mitre link : CVE-2024-34685
CVE.ORG link : CVE-2024-34685
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')