CVE-2005-3635

Name of the Vulnerable Software and Affected Versions SAP Web Application Server versions 6.10 through 7.00

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities can be exploited via the sap-syscmd in sap-syscmd and the BspApplication field in the SYSTEM PUBLIC test application.

Recommendations For SAP Web Application Server versions 6.10 through 7.00, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.