[ERPSCAN-16-008] SAP NetWeaver AS JAVA – XSS vulnerability in ProxyServer servlet

Posted by ERPScan inc on May 17

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.4

Bugs: Cross Site Scripting (XSS)

Sent: 10.08.2015

Reported: 10.08.2015

Vendor response: 11.08.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2220571

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA – XSS vulnerability in ProxyServer servlet

Advisory ID:…

007 Software