SAP NetWeaver Multiple Input Validation Vulnerabilities

SAP NetWeaver is prone to multiple input-validation vulnerabilities, including:

1. A cross-site scripting vulnerability
2. Multiple directory traversal vulnerabilities
3. Multiple information-disclosure vulnerabilities

Attackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible.


 

Privacy Statement
Copyright 2010, SecurityFocus