Skip to main content
Skip table of contents

ABAP

Note: The legacy Mend SAST Application was deprecated on April 1st, 2025. For assistance with migrating to the Mend AppSec Platform, please contact your customer success manager or the success team at success@mend.io.

This article covers ABAP support and vulnerability detection for Mend SAST.

Mend SAST-supported ABAP file types

File Type

.abap

.bsp

Mend SAST-supported ABAP frameworks

Framework

BSP

Mend SAST-supported ABAP vulnerability types

The ABAP vulnerability types detected by SAST are provided below, organized by CWE ID within each of their identified severities.

ABAP high-severity vulnerability types

CWE

Vulnerability Type

CWE-22

Path/Directory Traversal

CWE-78

Command Injection

CWE-79

Cross-Site Scripting

CWE-89

SQL Injection

CWE-94

Code Injection

ABAP medium-severity vulnerability types

CWE

Vulnerability Type

CWE-400

Regex Denial of Service (ReDoS)

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.