SAP.fameset.HTML.Injection
Description
It indicates a possible exploit of Cross-Site scripting, HTTP Response Splitting and URI Redirection Vulnerabilities in SAP Web Application Server that may allow remote attackers to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
Affected Products
SAP Web Application Server 7.0, 6.40, 6.20 and 6.10.
Impact
Information Disclosure and other attacks.
Recommended Actions
The vendor has released patches to address these issues. Upgrades are available as well. Please see reference for more information.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |