Description

Due to an open redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a URL link embedding a malicious script at a location not properly sanitized. When a victim clicks on this link, the script executes within the victim's browser, redirecting them to a site controlled by the attacker. This allows the attacker to access and/or modify restricted information related to the web client. While the vulnerability poses no impact on data availability, it presents a considerable risk to confidentiality and integrity.

INFO

Published Date :

2025-07-08T00:38:16.787Z

Last Modified :

2025-07-08T18:13:50.215Z

Source :

sap
AFFECTED PRODUCTS

The following products are affected by CVE-2025-42981 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-42981.

URL Resource
https://me.sap.com/notes/3617131 cve-icon cve-icon
https://url.sap/sapsecuritypatchday cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact