Multiple cross-site scripting (XSS) vulnerabilities in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allow remote malicious users to inject arbitrary web script or HTML via (1) the sap-syscmd in sap-syscmd and (2) the BspApplication field in the SYSTEM PUBLIC test application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap sap web application server 6.10 |
||
sap sap web application server 7.0 |
||
sap sap web application server 6.20 |
||
sap sap web application server 6.40 |