PT-2020-19098 · Sap · Sap Netweaver As Abap

Published 2020-09-09 · Updated 2023-01-30 · CVE-2020-6324

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SAP Netweaver AS ABAP versions 700 through 755

Description

The issue allows an unauthenticated attacker to send a polluted URL to the victim. When the victim clicks on this URL, the attacker can read and modify the information available in the victim's browser, leading to Reflected Cross Site Scripting.

Recommendations

For versions 700 through 755, consider disabling the BSP Test Application sbspext table until a patch is available to prevent exploitation. Restrict access to the vulnerable application to minimize the risk of Reflected Cross Site Scripting attacks. Avoid using potentially polluted URLs in the affected application until the issue is resolved.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2020-6324

Affected Products

Sap Netweaver As Abap