Skip to main content

Netweaver Knowledge Management And Collaboration Kmc Cm

2 CVEs product

Monthly

CVE-2024-34685 MEDIUM This Month

Due to weak encoding of user-controlled input in SAP NetWeaver Knowledge Management XMLEditor which allows malicious scripts can be executed in the application, potentially leading to a Cross-Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS SAP Netweaver Knowledge Management And Collaboration Kmc Cm
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2020-6225 HIGH This Week

SAP NetWeaver (Knowledge Management), versions (KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 and KMC-WPC 7.30, 7.31, 7.40, 7.50), does not sufficiently validate path information provided by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Path Traversal Netweaver Knowledge Management And Collaboration Kmc Cm Netweaver Knowledge Management And Collaboration Kmc Wpc
NVD
CVSS 3.1
8.8
EPSS
1.1%
EPSS 0% CVSS 6.1
MEDIUM This Month

Due to weak encoding of user-controlled input in SAP NetWeaver Knowledge Management XMLEditor which allows malicious scripts can be executed in the application, potentially leading to a Cross-Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS SAP Netweaver Knowledge Management And Collaboration Kmc Cm
NVD
EPSS 1% CVSS 8.8
HIGH This Week

SAP NetWeaver (Knowledge Management), versions (KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 and KMC-WPC 7.30, 7.31, 7.40, 7.50), does not sufficiently validate path information provided by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Path Traversal Netweaver Knowledge Management And Collaboration Kmc Cm +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy