cvedb.io
CVE-2022-29618
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2022-06-14T19:15:07.550 · Last modified 2026-06-17T04:40:31.103

Summary

Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.

Affected products

sap — netweaver_development_infrastructure

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.