Cross-Site Scripting Vulnerability in SAP Web Application Server by SAP
CVE-2005-3636

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Web Application Server
Vendor: CVE Published:; 16 November 2005

What is CVE-2005-3636?

The vulnerability in SAP Web Application Server 6.10 allows remote attackers to exploit error pages by injecting arbitrary web scripts or HTML. This means that when users encounter an error page, malicious scripts can be executed in their browsers, potentially allowing attackers to hijack sessions, redirect users, or steal sensitive information.

References

http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multi...

x_refsource_MISC

http://securityreason.com/securityalert/162

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/15361

vdb-entryx_refsource_BID

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 16, 2005
Vulnerability Reserved
Nov 16, 2005