Sap_se Sap Netweaver Enterprise Portal

5 CVEs affecting Sap_se Sap Netweaver Enterprise Portal. Latest disclosed: 2026-01-13. Critical: 0, High: 0.

Top CVEs affecting Sap_se Sap Netweaver Enterprise Portal
CVESeverityScorePublishedSummary
CVE-2025-42884Medium6.52025-11-11SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject JNDI environment properties or pass a URL used during JNDI lookup operations, enab…
CVE-2026-0499Medium6.12026-01-13SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server re…
CVE-2025-42872Medium6.12025-12-09Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal, an unauthenticated attacker could inject malicious scripts that execute i…
CVE-2023-33985Medium6.12023-06-13SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripti…
CVE-2024-44120Medium4.72024-09-10SAP NetWeaver Enterprise Portal is vulnerable to reflected cross site scripting due to insufficient encoding of user-controlled input. An unauthenticated attac…