CVE-2005-3633

3 documents3 sources
Severity
5.0MEDIUM
EPSS
1.0%
top 23.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP SAP WEB Application Server
Timeline
PublishedNov 16
Latest updateMay 1

Description

HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-63pq-5rx5-8rwj: HTTP response splitting vulnerability in frameset2022-05-01
CVEList
CVE-2005-3633: HTTP response splitting vulnerability in frameset2005-11-16
CVE-2005-3633 (MEDIUM CVSS 5) | HTTP response splitting vulnerabili | cvebase.io