Update CVE-2005-3634.yaml
Ritik Chaddha
GitHub
parent
b668fd1625
commit
8dfe5ec4ab
|
|
@ -1,18 +1,18 @@
|
||||||
id: CVE-2005-3634
|
id: CVE-2005-3634
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: SAP Web Application Server 6.x/7.0 - Open Redirection
|
name: SAP Web Application Server 6.x/7.0 - Open Redirect
|
||||||
author: ctflearner
|
author: ctflearner
|
||||||
severity: medium
|
severity: medium
|
||||||
description: |
|
description: |
|
||||||
frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.
|
frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.
|
||||||
reference:
|
reference:
|
||||||
- https://www.exploit-db.com/exploits/26488
|
- https://www.exploit-db.com/exploits/26488
|
||||||
- https://nvd.nist.gov/vuln/detail/CVE-2005-3634
|
|
||||||
- https://cxsecurity.com/issue/WLB-2005110025
|
- https://cxsecurity.com/issue/WLB-2005110025
|
||||||
- https://marc.info/?l=bugtraq&m=113156525006667&w=2
|
- https://marc.info/?l=bugtraq&m=113156525006667&w=2
|
||||||
- http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf
|
- http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf
|
||||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23031
|
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23031
|
||||||
|
- https://nvd.nist.gov/vuln/detail/CVE-2005-3634
|
||||||
classification:
|
classification:
|
||||||
cvss-metrics: CVSS:2.0/(AV:N/AC:L/Au:N/C:N/I:P/A:N)
|
cvss-metrics: CVSS:2.0/(AV:N/AC:L/Au:N/C:N/I:P/A:N)
|
||||||
cvss-score: 5.0
|
cvss-score: 5.0
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue