CVE-2020-6185

Summary

Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver (SAP Basis)= 7.40affected
SAP SESAP S/4HANA (SAP Basis)= 7.50affected
SAP SESAP S/4HANA (SAP Basis)= 7.51affected
SAP SESAP S/4HANA (SAP Basis)= 7.52affected
SAP SESAP S/4HANA (SAP Basis)= 7.53affected
SAP SESAP S/4HANA (SAP Basis)= 7.54affected

Weaknesses

  • Stored Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References