← Back to CVE List

CVE-2025-0057

Published: 2025-01-14T01:15Z
Last Modified: 2025-01-14T01:15Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of victim's web browser. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt