CVE-2018-2435 is a vulnerability in SAP Netweaver Enterprise Portal
Published on July 10, 2018

SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

NVD

Products Associated with CVE-2018-2435

Want to know whenever a new CVE is published for SAP Netweaver Enterprise Portal? stack.watch will email you.

SAP Netweaver Enterprise Portal

Affected Versions

SAP NetWeaver Enterprise Portal:

Version = 7.0 to 7.02 is affected.
Version = 7.11 is affected.
Version = 7.20 is affected.
Version = 7.30 is affected.
Version = 7.31 is affected.
Version = 7.40 is affected.
Version = 7.50 is affected.

Exploit Probability

EPSS

0.42%

Percentile

61.36%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-2435 is a vulnerability in SAP Netweaver Enterprise PortalPublished on July 10, 2018

Products Associated with CVE-2018-2435

Affected Versions

Exploit Probability

CVE-2018-2435 is a vulnerability in SAP Netweaver Enterprise Portal
Published on July 10, 2018