CVE-2022-28215

Summary

SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787, allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver ABAP Server and ABAP Platform740affected
SAP SESAP NetWeaver ABAP Server and ABAP Platform750affected
SAP SESAP NetWeaver ABAP Server and ABAP Platform787affected

Weaknesses

  • CWE-601: CWE-601

ADP Enrichment

CVE Program Container

Additional References

References