CVE-2021-21491 is a vulnerability in SAP Netweaver Application Server Java
Published on March 10, 2021
SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Products Associated with CVE-2021-21491
Want to know whenever a new CVE is published for SAP Netweaver Application Server Java? stack.watch will email you.
Affected Versions
SAP SE SAP NetWeaver Application Server Java (Applications based on Web Dynpro Java):- Version < 7.00 is affected.
- Version < 7.10 is affected.
- Version < 7.11 is affected.
- Version < 7.20 is affected.
- Version < 7.30 is affected.
- Version < 731 is affected.
- Version < 7.40 is affected.
- Version < 7.50 is affected.
Exploit Probability
EPSS
0.13%
Percentile
32.84%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.