Name of the Vulnerable Software and Affected Versions SAP NetWeaver (affected versions not specified)

Description The issue exists due to insufficient data sanitization when copying data from requests to responses in the DownloadServlet component of the SAP NetWeaver integration platform. This could allow a remote attacker to execute arbitrary JavaScript code on the client-side.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.