CVE-2018-11415

MEDIUM

SAP Internet Transaction Server 6200.X.X - Reflected Cross-Site Scripting via wgate URIs

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-11415. PoCs published by J. Carrillo Lencina.

AI-analyzed exploit summary This exploit demonstrates a session fixation and XSS vulnerability in SAP Internet Transaction Server (ITS) 6200.X.X by crafting a malicious URL with a fixed session cookie and injected JavaScript payload.

Description

SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site Scripting (XSS) via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product.

Exploits (1)

exploitdb WORKING POC
by J. Carrillo Lencina · pythonwebappsmultiple
https://www.exploit-db.com/exploits/44755

This exploit demonstrates a session fixation and XSS vulnerability in SAP Internet Transaction Server (ITS) 6200.X.X by crafting a malicious URL with a fixed session cookie and injected JavaScript payload.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: SAP Internet Transaction Server (ITS) 6200.X.X
No auth needed
Prerequisites: Access to the target SAP ITS instance · Ability to send crafted HTTP requests
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/104311
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44755/
Third Party Advisory x_refsource_misc
https://github.com/0xd0m7/SAP

Scores

CVSS v3 6.1
EPSS 0.0830
EPSS Percentile 94.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
sap/internet_transaction_server 6.20
Published May 24, 2018
Tracked Since Feb 18, 2026