CVE-2025-42969

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP and ABAP Platform (affected versions not specified)

Description: The issue allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. When a victim clicks on this crafted URL, they unknowingly execute the malicious payload in their browser. On successful exploitation, the attacker can access or modify sensitive information within the scope of the victim's web browser, with no impact on the availability of the application.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.