← Back to CVE List
CVE-2025-0057
SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victim's web browser.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt