Arbitrary Web Script Injection and Cookie Theft Vulnerability in SAP Internet Transaction Server (ITS) 4620.2.0.323011
CVE-2003-0749 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter.
Learn more about our Web App Pen Testing.