Arbitrary Web Script Injection and Cookie Theft Vulnerability in SAP Internet Transaction Server (ITS) 4620.2.0.323011

Arbitrary Web Script Injection and Cookie Theft Vulnerability in SAP Internet Transaction Server (ITS) 4620.2.0.323011

CVE-2003-0749 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter.

Learn more about our Web App Pen Testing.