CVE-2012-1290
SAP Netweaver - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter.
References (5)
Scores
EPSS
0.0033
EPSS Percentile
55.5%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
sap/netweaver
n/a/n/a
Timeline
Published
Feb 23, 2012
Tracked Since
Feb 18, 2026