Name of the Vulnerable Software and Affected Versions SAP NetWeaver (affected versions not specified)

Description The issue is related to the /com.sapportals.navigation.testComponent.NavigationRequestSniffer component of the SAP NetWeaver platform, which is vulnerable due to the lack of protection against cross-site scripting (XSS) attacks. This allows a remote attacker to inject arbitrary HTML tags, including JavaScript scripts, into a webpage using the user's browser.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.