Potential false redirection of web site content in Internet in SAP NetWeaver web applications

Vulnerability Summary

Title                               Potential false redirection of web site content in Internet in SAP NetWeaver web applications 
Release Date               8 March 2016 
Reference                     NCC00837 
Discoverer                    Soroush Dalili 
Vendor                          SAP 
Vendor References    2195595,2198151 
Systems Affected       Tested on SAP NetWeaver 7.42 and SAP Solution Manager 7.1 (other versions are probably vulnerable) 
CVE Reference            CVE-2015-8775 
Risk                               Medium 
Status                           Approved

Download technical advisory