Onapsis Security Advisory - The SAP J2EE Engine contains a Web Services Navigator interface, which enables the interaction with the deployed Web Services in the server. This interface suffers from a Cross-Site Scripting vulnerability, which may enable malicious parties to perform different kind of attacks over SAP users.
8dc2a56391e65f55d9d9b2fedc38db6025320a0ec26c72f748583efc85727820