CVE-2024-22128 (GCVE-0-2024-22128)
Vulnerability from cvelistv5 – Published: 2024-02-13 02:02 – Updated: 2026-02-25 09:45
VLAI
Title
Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML
Summary
SAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject malicious javascript to cause limited impact to confidentiality and integrity of the application data after successful exploitation.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP NetWeaver Business Client for HTML |
Affected:
SAP_UI 754
Affected: SAP_UI 755 Affected: SAP_UI 756 Affected: SAP_UI 757 Affected: SAP_BASIS 700 Affected: SAP_BASIS 701 Affected: SAP_BASIS 702 Affected: SAP_BASIS 731 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-13T15:55:00.643408Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:52:30.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3396109"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver Business Client for HTML",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_UI 754"
},
{
"status": "affected",
"version": "SAP_UI 755"
},
{
"status": "affected",
"version": "SAP_UI 756"
},
{
"status": "affected",
"version": "SAP_UI 757"
},
{
"status": "affected",
"version": "SAP_BASIS 700"
},
{
"status": "affected",
"version": "SAP_BASIS 701"
},
{
"status": "affected",
"version": "SAP_BASIS 702"
},
{
"status": "affected",
"version": "SAP_BASIS 731"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_754:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_755:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_756:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_757:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_700:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_701:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_702:*:*:*:*:*:*:*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_731:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject malicious javascript to cause limited impact to confidentiality and integrity of the application data after successful exploitation.\u003c/p\u003e"
}
],
"value": "SAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject malicious javascript to cause limited impact to confidentiality and integrity of the application data after successful exploitation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T09:45:44.998Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3396109"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-22128",
"datePublished": "2024-02-13T02:02:14.281Z",
"dateReserved": "2024-01-05T10:21:35.256Z",
"dateUpdated": "2026-02-25T09:45:44.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-22128",
"date": "2026-06-08",
"epss": "0.01258",
"percentile": "0.79747"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-22128\",\"sourceIdentifier\":\"cna@sap.com\",\"published\":\"2024-02-13T02:15:08.323\",\"lastModified\":\"2026-02-25T10:16:17.483\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject malicious javascript to cause limited impact to confidentiality and integrity of the application data after successful exploitation.\"},{\"lang\":\"es\",\"value\":\"SAP NWBC para HTML: versiones SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, no codifica suficientemente las entradas controladas por el usuario, lo que genera una vulnerabilidad de Cross-Site Scripting (XSS). Un atacante no autenticado puede inyectar javascript malicioso para causar un impacto limitado en la confidencialidad y la integridad de los datos de la aplicaci\u00f3n despu\u00e9s de una explotaci\u00f3n exitosa.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_basis_700:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C94A50-17DD-4206-9861-E4406C7CFEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_basis_701:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7055999C-5B25-4E7D-B7A3-9A140DCA9E93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_basis_702:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B9F39B4-5F9B-4E1C-94A4-3201A6D6CFFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_basis_731:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2FD9175-513A-45CE-B113-6EE1C00ADACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_ui_754:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3FA1C87-6B1D-49EC-B2B6-9FA74B41C643\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_ui_755:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5A00719-2E66-4CFE-B10A-7582F83A3724\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_ui_756:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14A2A918-2B9D-442A-80E7-B0268540647D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_ui_757:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F301FA2-E797-4AAE-B152-FD20AAB815E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:netweaver_business_client_for_html:sap_ui_758:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06987429-230F-423E-B5A2-5D9347D446EF\"}]}]}],\"references\":[{\"url\":\"https://me.sap.com/notes/3396109\",\"source\":\"cna@sap.com\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\",\"source\":\"cna@sap.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://me.sap.com/notes/3396109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://me.sap.com/notes/3396109\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:35:34.814Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-22128\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-13T15:55:00.643408Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:11.197Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 4.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SAP_SE\", \"product\": \"SAP NetWeaver Business Client for HTML\", \"versions\": [{\"status\": \"affected\", \"version\": \"SAP_UI 754\"}, {\"status\": \"affected\", \"version\": \"SAP_UI 755\"}, {\"status\": \"affected\", \"version\": \"SAP_UI 756\"}, {\"status\": \"affected\", \"version\": \"SAP_UI 757\"}, {\"status\": \"affected\", \"version\": \"SAP_BASIS 700\"}, {\"status\": \"affected\", \"version\": \"SAP_BASIS 701\"}, {\"status\": \"affected\", \"version\": \"SAP_BASIS 702\"}, {\"status\": \"affected\", \"version\": \"SAP_BASIS 731\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://me.sap.com/notes/3396109\"}, {\"url\": \"https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject malicious javascript to cause limited impact to confidentiality and integrity of the application data after successful exploitation.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eSAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An unauthenticated attacker can inject malicious javascript to cause limited impact to confidentiality and integrity of the application data after successful exploitation.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"eng\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_754:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_755:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_756:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_ui_757:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_700:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_701:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_702:*:*:*:*:*:*:*\", \"vulnerable\": true}, {\"criteria\": \"cpe:2.3:a:sap_se:sap_netweaver_business_client_for_html:sap_basis_731:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"shortName\": \"sap\", \"dateUpdated\": \"2026-02-25T09:45:44.998Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-22128\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-25T09:45:44.998Z\", \"dateReserved\": \"2024-01-05T10:21:35.256Z\", \"assignerOrgId\": \"e4686d1a-f260-4930-ac4c-2f5c992778dd\", \"datePublished\": \"2024-02-13T02:02:14.281Z\", \"assignerShortName\": \"sap\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…