mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-28 11:21:40 +02:00
0xMarcio
907 B
907 B
CVE-2022-35294
Description
An attacker with basic business user privileges could craft and upload a malicious file to SAP NetWeaver Application Server ABAP, which is then downloaded and viewed by other users resulting in a stored Cross-Site-Scripting attack. This could lead to information disclosure including stealing authentication information and impersonating the affected user.
POC
Reference
Github
No PoCs found on GitHub currently.