PT-2025-32604 · Sap · Sap Netweaver Application Server Abap
Published
2025-08-11
·
Updated
2025-08-12
·
CVE-2025-42942
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
SAP NetWeaver Application Server for ABAP (affected versions not specified)
Description:
SAP NetWeaver Application Server for ABAP is susceptible to a cross-site scripting issue. An unauthenticated attacker can create a URL containing a malicious script and deceive an unauthenticated victim into clicking it, leading to script execution. Successful exploitation allows the attacker to access and modify limited information within the victim’s browser. This issue does not impact application availability.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Netweaver Application Server Abap