An attacker with basic business user... CVE-2022-35294

- AV AC AU C I A
发布: 2022-09-13
修订: 2024-11-21

An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users resulting in a stored Cross-Site-Scripting attack. This could lead to information disclosure including stealing authentication information and impersonating the affected user.

0%
暂无可用Exp或PoC
当前有11条受影响产品信息