Business Server Pages CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-24328	2 Sap, Sap Se	2 Business Server Pages, Business Server Pages Application (taf Applauncher)	2026-02-17	6.1 Medium
SAP TAF_APPLAUNCHER within Business Server Pages allows unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on confidentiality and integrity, with no impact on the availability of the application.
CVE-2026-0497	1 Sap	1 Business Server Pages Application	2026-01-13	4.3 Medium
SAP Product Designer Web UI of Business Server Pages allows authenticated non-administrative users to access non-sensitive information. This results in a low impact on confidentiality, with no impact on integrity or availability of the application.

Page 1 of 1.