CVE-2005-3634

2005-11-16T21:22:00
ID CVE-2005-3634
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:33:00

Description

frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.