CVE-2025-42948

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver ABAP Platform (affected versions not specified)

Description: A Cross-Site Scripting (XSS) issue exists in SAP NetWeaver ABAP Platform. An unauthenticated attacker can create a malicious link and distribute it publicly. If an authenticated user clicks on this link, injected input is processed during web page generation, resulting in malicious content execution. This allows the attacker to potentially access or modify information within the victim’s browser.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.