A vulnerability in SAP NW EP (WPC) – versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to stealing or modifying of authentication information of the user, such as data relating to his or her current session. (CVSS:4.3) (Last Update:2022-07-20)Latest security vulnerabilities (Cross Site Scripting (XSS)) (CVSS score >= 4) Read More
New scheme ready for Cyber Incident Exercising providers
A new Cyber Incident Exercising scheme is now open for organisations to apply to be Assured Providers, with IASME and CREST as our delivery partners. NCSC