CVE-2026-34257

MEDIUM WAF: Medium

CVSS 6.1 Published: 2026-04-14

CWE-601

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the application with no impact on availability.

WAF Coverage Analysis

Open Redirect Medium WAF Coverage

OWASP: A01:2021 Broken Access Control

941xxx - XSS / XXE

References

me.sap.com
url.sap

Back to CVE Database