Name of the Vulnerable Software and Affected Versions SAP NetWeaver (affected versions not specified)

Description The issue is related to the /com.sap.portal.themes.styleservice.LockingTestPortalComponent component of the SAP NetWeaver platform, which is vulnerable due to insufficient protection of the web page structure. This allows for reflected cross-site scripting (XSS), where an attacker can inject arbitrary HTML tags, including JavaScript scripts, into a page using a user's browser.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.