CVE-2026-44752
EUVD-2026-4358714.07.2026, 01:16
SAP NetWeaver Application Server Java allows an unauthenticated attacker to inject malicious JavaScript through crafted URLs. When a victim accesses such a URL, the script executes in the user's browser, allowing the attacker to access sensitive session information and modify non-sensitive data displayed in the clients browser. This results in a high impact on confidentiality, low impact on integrity with no impact on availability of the application.
Awaiting analysis
This vulnerability is currently awaiting analysis.
Vulnerability Media Exposure