CVE-2018-2476

Summary

Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site.

Affected Software

VendorProductVersion RangeStatus
SAPSAP NetWeaver (forums)= 7.30affected
SAPSAP NetWeaver (forums)= 7.31affected
SAPSAP NetWeaver (forums)= 7.40affected

Weaknesses

  • URL Redirection

ADP Enrichment

CVE Program Container

Additional References

References