CVE-2020-6213

Summary

SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_PHTMLB, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, is vulnerable to reflected Cross-Site Scripting (XSS) via different URL parameters as it does not sufficiently encode user controlled inputs.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 700affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 701affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 702affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 730affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 731affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 740affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 750affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 751affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 752affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 753affected
SAP SESAP NetWeaver AS ABAP (Business Server Pages Test Application SBSPEXT_PHTMLB)< 754affected

Weaknesses

  • Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References