PT-2022-22693 · Sap · Sap Netweaver Application Server Abap

Published: 2022-09-13 · Updated: 2022-10-05 · CVE-2022-35294

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP (affected versions not specified)

Description: The issue allows an attacker with basic business user privileges to craft and upload a malicious file, which is then downloaded and viewed by other users, resulting in a stored Cross-Site-Scripting attack. This could lead to information disclosure, including stealing authentication information and impersonating the affected user.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers: CVE-2022-35294

Affected Products: Sap Netweaver Application Server Abap