CVE-2019-0337 is a vulnerability in SAP Netweaver Process Integration
Published on August 14, 2019

Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting (XSS) vulnerability

NVD

Products Associated with CVE-2019-0337

Want to know whenever a new CVE is published for SAP Netweaver Process Integration? stack.watch will email you.

SAP Netweaver Process Integration

Affected Versions

SAP SE SAP NetWeaver Process Integration (Java Proxy Runtime):

Version < 7.10 is affected.
Version < 7.11 is affected.
Version < 7.30 is affected.
Version < 7.31 is affected.
Version < 7.40 is affected.
Version < 7.50 is affected.

Exploit Probability

EPSS

0.21%

Percentile

43.02%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-0337 is a vulnerability in SAP Netweaver Process IntegrationPublished on August 14, 2019

Products Associated with CVE-2019-0337

Affected Versions

Exploit Probability

CVE-2019-0337 is a vulnerability in SAP Netweaver Process Integration
Published on August 14, 2019