Description
SAP NetWeaver DevelKnowledge Warehouse is vulnerable to the XSS (cross-site scripting). The SAPIrExtHelp endpoint doesn't sanitize the user's input correctly.
Remediation
Upgrade to the latest version of SAP KW
References
Related Vulnerabilities
WordPress Plugin Raygun4WP Cross-Site Scripting (1.8.2)
WordPress Plugin Widget Settings Importer/Exporter Cross-Site Scripting (1.5.3)
WordPress Plugin Fourteen Extended Cross-Site Scripting (1.2.31)
WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.4.4)
WordPress Plugin Easy Forms for Mailchimp Cross-Site Scripting (5.0.6)