CVE-2022-29610

Summary

SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver Application Server ABAP753affected
SAP SESAP NetWeaver Application Server ABAP754affected
SAP SESAP NetWeaver Application Server ABAP755affected
SAP SESAP NetWeaver Application Server ABAP756affected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References