cvedb.io
CVE-2024-41732
MEDIUM · CVSS 4.7
EPSS exploitation probability: 0%
Published 2024-08-13T04:15:08.637 · Last modified 2026-06-17T07:48:09.047

Summary

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls. Depending on the web applications provided by this server, the attacker might inject CSS code or links into the web application that could allow the attacker to read or modify information. There is no impact on availability of application.

Affected products

sap — netweaver_application_server_abap

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.