Public CVE-2007-3612 disclosure

Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service (IGS) allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.