CVE-2025-26653

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP (affected versions not specified)

Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability. It occurs because the software does not properly encode user-controlled inputs, allowing an attacker to inject malicious JavaScript into a website without needing any privileges. When a user visits the compromised page, the injected script is executed, potentially compromising the confidentiality and integrity of the victim's browser. The availability of the system is not affected.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.