NuytsTech Security

CVE-2017-11460

by ·

Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535.

Date published : 2017-07-25

http://www.securityfocus.com/bid/101826

http://www.securityfocus.com/bid/97565

Tags: