
CVE-2025-42973: CWE-79: Improper Neutralization of Input During Web Page Generation in SAP_SE SAP Data Services (DQ Report)

Severity: Medium
Tags: Vulnerability, CVE-2025-42973, cve, cve-2025-42973, cwe-79
Published: Tue Jul 08 2025 (07/08/2025, 00:37:10 UTC)
Source: CVE Database V5
Vendor/Project: SAP_SE
Product: SAP Data Services (DQ Report)

Description

Due to a Cross-Site Scripting vulnerability in SAP Data Services Management Console, an authenticated attacker could exploit the search functionality associated with DQ job status reports. By intercepting requests, malicious script can be injected and subsequently executed when a user loads the affected page. This results in a limited impact on the confidentiality and integrity of user session information, while availability remains unaffected.

AI-Powered Analysis

Last updated: 07/08/2025, 00:56:55 UTC

Technical Analysis

CVE-2025-42973 is a Cross-Site Scripting (XSS) vulnerability identified in SAP Data Services Management Console, specifically affecting the search functionality related to Data Quality (DQ) job status reports. This vulnerability arises from improper neutralization of input during web page generation (CWE-79), allowing an authenticated attacker to inject malicious scripts by intercepting and modifying requests sent to the affected search feature. When a user subsequently loads the compromised page, the injected script executes in their browser context.

The vulnerability requires the attacker to have valid credentials (authenticated access) and involves user interaction (the victim must load the affected page). The impact primarily concerns confidentiality and integrity of user session information, as the attacker could potentially steal session tokens or manipulate displayed data. However, availability is not affected. The CVSS v3.1 base score is 5.4 (medium severity), reflecting network attack vector, low attack complexity, privileges required, user interaction needed, and partial impact on confidentiality and integrity with no impact on availability.

The affected versions include SBOP_DS_MANAGEMENT_CONSOLE 4.3 and the 2025 release of SAP Data Services. No known exploits are currently reported in the wild, and no patches are linked yet. This vulnerability highlights the risk of insufficient input sanitization in web applications, particularly in enterprise software managing critical data workflows.

Potential Impact

For European organizations using SAP Data Services, especially those relying on the Management Console for monitoring and reporting data quality jobs, this vulnerability poses a moderate risk. Exploitation could lead to unauthorized disclosure or manipulation of session information, potentially enabling attackers to hijack user sessions or perform actions on behalf of legitimate users. This could compromise sensitive business data and workflows, impacting data integrity and confidentiality. Although availability is unaffected, the breach of session data could facilitate further attacks or unauthorized access to enterprise systems. Given SAP's widespread adoption in Europe across sectors such as manufacturing, finance, and public administration, the vulnerability could affect organizations handling sensitive or regulated data, increasing compliance and reputational risks. The requirement for authentication and user interaction somewhat limits the attack surface but does not eliminate risk, especially in environments with many users or where phishing/social engineering could be used to lure victims to maliciously crafted URLs.

Mitigation Recommendations

European organizations should implement the following specific mitigations:

1) Immediately review and restrict access to the SAP Data Services Management Console to only trusted and necessary personnel, enforcing strong authentication and session management controls.
2) Monitor and log all activities related to the DQ job status search functionality to detect anomalous or suspicious requests that may indicate exploitation attempts.
3) Employ web application firewalls (WAFs) with custom rules to detect and block typical XSS payloads targeting the affected search parameters.
4) Educate users about the risks of clicking on untrusted links and the importance of verifying URLs before interacting with the Management Console.
5) Coordinate with SAP support channels to obtain and apply official patches or updates as soon as they become available.
6) Conduct regular security assessments and penetration testing focused on input validation and session management within SAP Data Services environments.
7) Where feasible, implement Content Security Policy (CSP) headers to reduce the impact of potential XSS attacks by restricting script execution sources.
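One way to implement the monitoring in recommendation 2 (the same decode-then-match logic applies to a WAF rule under recommendation 3) is sketched below as an added example; it is not SAP code and not part of the original advisory. The request path and parameter name are placeholders, because the advisory does not name them, and the log lines are constructed.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Assumptions: placeholder path and parameter name. Replace them with the values
# seen in your own Management Console access logs.
SEARCH_PATH = "/PLACEHOLDER/dq-report/search"
SEARCH_PARAM = "PLACEHOLDER_search"

# Heuristic: markup that a job-status search term should never contain.
SUSPICIOUS = re.compile(r"<\s*/?\s*[a-z!]|\bon[a-z]+\s*=|javascript\s*:", re.I)
# Common log format: ip ident user [time] "METHOD target PROTO" status size
LOG_LINE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')

# Constructed sample lines, not taken from a real system.
SAMPLE_LOG = """\
10.0.0.5 - jdoe [08/Jul/2025:09:14:02 +0000] "GET /PLACEHOLDER/dq-report/search?PLACEHOLDER_search=customer_address_cleanse HTTP/1.1" 200 5120
10.0.0.9 - asmith [08/Jul/2025:09:15:40 +0000] "GET /PLACEHOLDER/dq-report/search?PLACEHOLDER_search=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5188
10.0.0.9 - asmith [08/Jul/2025:09:16:11 +0000] "GET /PLACEHOLDER/dq-report/search?PLACEHOLDER_search=%253Cimg%2520src%253Dx%2520onerror%253D1%253E HTTP/1.1" 200 5190
10.0.0.7 - jdoe [08/Jul/2025:09:17:00 +0000] "GET /PLACEHOLDER/other?PLACEHOLDER_search=%3Cb%3E HTTP/1.1" 200 900
"""

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so that %253C is inspected as '<'."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_line(line):
    """Return a finding for a suspicious search request, else None."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    ip, user, target, status = m.groups()
    parts = urlsplit(target)
    if parts.path != SEARCH_PATH:
        return None
    for name, raw in parse_qsl(parts.query, keep_blank_values=True):
        value = fully_decode(raw)  # parse_qsl already decoded one layer
        if name == SEARCH_PARAM and SUSPICIOUS.search(value):
            return {"ip": ip, "user": user, "status": int(status), "value": value}
    return None

def scan(log_text):
    """Scan a whole access log and return the findings in order."""
    return [hit for hit in map(flag_line, log_text.splitlines()) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Access logs normally record only the query string, so if the search term travels in a request body in your deployment, run the same check at a reverse proxy or WAF that can see the body. Because the attacker must be authenticated, the `user` field of each finding identifies the account to investigate.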


Technical Details

Data Version: 5.1
Assigner Short Name: sap
Date Reserved: 2025-04-16T13:25:45.231Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686c68cd6f40f0eb72eec66d

Added to database: 7/8/2025, 12:39:41 AM

Last enriched: 7/8/2025, 12:56:55 AM

Last updated: 8/3/2025, 12:37:27 AM
