Cross-Site Scripting Vulnerabilities in SAP Internet Transaction Server
CVE-2006-5114

Currently unrated

Key Information:

Vendor

SAP

Vendor
CVE Published:
3 October 2006

What is CVE-2006-5114?

Multiple vulnerabilities exist in the SAP Internet Transaction Server (ITS) 6.1 and 6.2, allowing attackers to exploit the application through cross-site scripting. By injecting arbitrary web scripts or HTML code via the parameters ~urlmime or ~command, unauthorized users can manipulate how the server processes web requests. This exploitation could lead to unauthorized data exposure or other malicious activities, underscoring the importance of securing web applications against such vulnerabilities.

References

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.