Symptom
SAP Security Note 3081888 has been released on 14.09.2021. This KBA helps to answer additional questions about the security note.
Read more...
Environment
- SAP NetWeaver Composition Environment 7.1
- SAP enhancement package 1 for SAP NetWeaver Composition Environment 7.1
- SAP NetWeaver 7.3
- SAP enhancement package 1 for SAP NetWeaver 7.3
- SAP NetWeaver 7.4
- SAP Netweaver 7.5
Product
SAP NetWeaver 7.1 ; SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5 ; SAP enhancement package 1 for SAP NetWeaver 7.3
Keywords
[CVE-2021-37531] Code Injection vulnerability in SAP NetWeaver Knowledge Management (XMLForms), SAP Netweaver Portal, XSLT, vulnerability,malicious, XSL stylesheet, script with OS-level command, execute the script, XMLForms, SAPXMLToolkit, XML Parser , KBA , BC-ESI-WS-JAV-RT , Runtime , EP-KM-CM , Content Management , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.