Description
SAP NetWeaver DevelKnowledge Warehouse is vulnerable to the XSS (cross-site scripting). The SAPIrExtHelp endpoint doesn't sanitize the user's input correctly.
Remediation
Upgrade to the latest version of SAP KW
References
Related Vulnerabilities
WordPress Plugin Share Buttons Cross-Site Scripting (1.3.1)
WordPress Plugin Dynamic Widgets Multiple Cross-Site Scripting Vulnerabilities (1.5.10)
WordPress Plugin WP Gravity Forms Zoho CRM Add-on Cross-Site Scripting (1.1.5)
WordPress Plugin Raygun4WP Cross-Site Scripting (1.8.2)
WordPress Plugin XVE Various Embed Multiple Cross-Site Scripting Vulnerabilities (1.0.3)