CVE-2005-3635
SAP Web Application Server (WAS) 6.10–7.00 has multiple cross-site scripting (XSS) vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via (1) sap-syscmd in sap-syscmd and (2) the BspApplication field in the SYSTEM PUBLIC test application. The sources confirm...