SAP NetWeaver and Web Dynpro Portal Cross-Site Scripting Vulnerability

Bugtraq ID: 33465
Class: Input Validation Error
CVE: CVE-2008-3358
Remote: Yes
Local: No
Published: Jan 27 2009 12:00AM
Updated: Jan 27 2009 08:39PM
Credit: Martin Suess
Vulnerable: SAP Web Dynpro Runtime Core Components 700 SP12
SAP Netweaver Portal 2004 SP17
SAP Netweaver Portal 2004 ..
SAP Netweaver Portal 2004 SP21
SAP Netweaver Developer Studio - 2004 SP17
SAP Netweaver Developer Studio 2004 SP21
SAP NetWeaver Application Server 6.40 SP21 104329.313
SAP NetWeaver Application Server 6.40 SP17 104329.313
SAP NetWeaver Application Server 6.40 SP17
SAP NetWeaver Nw04s SP9
SAP NetWeaver Nw04s SP8
SAP NetWeaver Nw04s SP7
SAP NetWeaver Nw04s SP11
SAP NetWeaver Nw04s SP10
SAP NetWeaver Nw04 SP19
SAP NetWeaver Nw04 SP18
SAP NetWeaver NW04 SP17
SAP NetWeaver NW04 SP17
SAP NetWeaver Nw04 SP16
SAP NetWeaver Nw04 SP15
SAP NetWeaver 7.0 SP8
SAP NetWeaver 7.0 SP15
SAP NetWeaver 640 SP20
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus