CVE-2018-11415

SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site Scripting (XSS) via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product.
References
Link Resource
http://www.securityfocus.com/bid/104311 Third Party Advisory VDB Entry
https://github.com/0xd0m7/SAP Third Party Advisory
https://www.exploit-db.com/exploits/44755/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:internet_transaction_server:6.20:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-05-24 19:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-11415

Mitre link : CVE-2018-11415

CVE.ORG link : CVE-2018-11415


JSON object : View

Products Affected

sap

  • internet_transaction_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')