Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:19613
HistoryApr 10, 2008 - 12:00 a.m.

SAP Netweaver 6.40-7.0 Cross-Site-Scripting

2008-04-1000:00:00
vulners.com
34
JSON

Title: SAP Netweaver 6.40-7.0 Persistent Cross-Site-Scripting

Author: Jaime Blasco (at) aitsec.com http://www.aitsec.com

Description: SAP Netweaver have a web interface for accesing filesystem of the portal, users can
make "feedbacks" of
files, input passed to the content of these feedbacks is not properly sanitised
before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser
session in context of an affected site

Solution: This issue can be solved activating "Secure Editing" in Portal
(System Configuration -> System Configuration -> Knowledge management (in detailed Navigation) ->
Utilities -> Editing -> HTML Editing)

Hence this issue can be solved via configuration - for more details see
http://help.sap.com/saphelp_nw70/helpdata/EN/44/4cd511c6233f8ee10000000a1553f7/frameset.htm

NetWeaver 04 (6.40) SP17:
http://help.sap.com/saphelp_nw04/helpdata/en/44/4d3ef6b5ac2152e10000000a114a6b/frameset.htm
NetWeaver 7.0 SP8:
http://help.sap.com/saphelp_nw70/helpdata/EN/44/4cd511c6233f8ee10000000a1553f7/frameset.htm
As of NetWeaver 7.0 SP15 the secure editor is on by default (SAP note 1110597:
https://service.sap.com/sap/support/notes/1110597)

Timeline:

  • March 11: Initial contact.
  • March 12: Confirmed
  • April 5: Vendor response

Original Advisory:

http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php

JSON