SAP

Businessobjects Bi Platform

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2019-0262

  • EPSS 0.32%
  • Published 15.02.2019 18:29:01
  • Last modified 21.11.2024 04:16:35

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability.

6.1

CVE-2018-2479

  • EPSS 0.38%
  • Published 13.11.2018 20:29:00
  • Last modified 21.11.2024 04:03:53

SAP BusinessObjects Business Intelligence Platform (BIWorkspace), versions 4.1 and 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

5.3

CVE-2018-2467

  • EPSS 0.25%
  • Published 09.10.2018 13:29:01
  • Last modified 21.11.2024 04:03:52

In the Software Development Kit in SAP BusinessObjects BI Platform Servers, versions 4.1 and 4.2, using the specially crafted URL in a Web Browser such as Chrome the system returns an error with the path of the used application server.

6.1

CVE-2018-2472

  • EPSS 0.42%
  • Published 09.10.2018 13:29:01
  • Last modified 21.11.2024 04:03:52

SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML client) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.