CVE-2020-6324

Summary

SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the victim clicks on this URL, the attacker can read, modify the information available in the victim�s browser leading to Reflected Cross Site Scripting.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 700affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 701affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 702affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 730affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 731affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 740affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 750affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 751affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 752affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 753affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 754affected
SAP SESAP NetWeaver AS ABAP (BSP Test Application)< 755affected

Weaknesses

  • Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References