CVE-2008-2421
CVE-2008-2421 concerns a Cross-site Scripting (XSS) vulnerability in the Web GUI of SAP Web Application Server (WAS) 7.0, affecting Web Dynpro for ABAP (WD4A/WDA) and Web Dynpro for BSP. The issue allows remote attackers to inject arbitrary web script or HTML via PATH_INFO to the default URI unde...