Onapsis Security Advisory – SAP HANA suffers from an XSJS code injection vulnerability in test-net.xsjs. By exploiting this vulnerability a remote authenticated attacker would be able to partially compromise the SAP system as well as all the information processed and stored in the HANA system.