CVE-2008-3358

Name of the Vulnerable Software and Affected Versions SAP NetWeaver portal (affected versions not specified)

Description The issue is related to a cross-site scripting (XSS) vulnerability in Web Dynpro (WD) within the SAP NetWeaver portal. This vulnerability can be exploited when using Internet Explorer 7.0.5730, allowing remote attackers to inject arbitrary web script or HTML via a crafted URI. The XSS payload is reflected in a text/plain document.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.