CVE-2026-44757

MEDIUM NVD

CVSS Score 4.7

Severity MEDIUM

Published Jun 09, 2026

Vendor unknown

Description

SAP Wily Introscope Enterprise Manager allows an unauthenticated attacker to craft a specially crafted URL. Under certain conditions, when accessed by a victim, the injected script could execute in the user�s browser within the context of the application. This issue has a low impact on the confidentiality and integrity of the application with no impact on availability.

References

https://me.sap.com/notes/3715280
https://url.sap/sapsecuritypatchday