SAP NetWeaver K.M. Web Page Composer URI Redirection Vulnerability

SAP NetWeaver is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input.

An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.


Bugtraq ID: 100177
Class: Input Validation Error
Remote: Yes
Local: No
Published: Aug 08 2017 12:00AM
Updated: Aug 08 2017 12:00AM
Credit: The vendor reported this issue.
Vulnerable: SAP NetWeaver 0

Not Vulnerable:


An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.

Related Posts