NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-45280

Summary	Due to insufficient encoding of user-controlled inputs, SAP NetWeaver AS Java allows malicious scripts to be executed in the login application. This has a limited impact on confidentiality and integrity of the application. There is no impact on availability.
Publication Date	Sept. 10, 2024, 2:15 p.m.
Registration Date	Sept. 10, 2024, 8 p.m.
Last Update	Sept. 10, 2024, 2:15 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://me.sap.com/notes/3505503
2	https://url.sap/sapsecuritypatchday

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html