HTTP Response Splitting Vulnerability in SAP Web Application Server
CVE-2005-3633

Currently unrated

Key Information:

Vendor

SAP

Vendor
CVE Published:
16 November 2005

What is CVE-2005-3633?

The vulnerability in the frameset.htm component of SAP Web Application Server allows remote attackers to inject arbitrary HTML headers through the sap-exiturl parameter. This flaw can potentially enable attackers to manipulate the server's HTTP responses, leading to various security issues, including information disclosure and session hijacking.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.