CVE-2025-0062

🗓️ 11 Mar 2025 00:31:18Reported by sapType

CVE-2025-0062 allows JavaScript injection in reports, impacting confidentiality and integrity in browsers.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-0062	11 Mar 202502:40	–	circl
CNNVD	SAP Business Objects Business Intelligence Platform 跨站脚本漏洞	11 Mar 202500:00	–	cnnvd
CNVD	SAP Business Objects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2025-07541)	27 Mar 202500:00	–	cnvd
Cvelist	CVE-2025-0062 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence)	11 Mar 202500:31	–	cvelist
EUVD	EUVD-2025-7348	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP software	11 Mar 202512:20	–	ncsc
NVD	CVE-2025-0062	11 Mar 202501:15	–	nvd
RedhatCVE	CVE-2025-0062	13 Mar 202518:07	–	redhatcve
Vulnrichment	CVE-2025-0062 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence)	11 Mar 202500:31	–	vulnrichment

Vulners

Node

sap businessobjects_business_intelligence_platformMatch430

sap businessobjects_business_intelligence_platformMatch2025

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP BusinessObjects Business Intelligence Platform",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "ENTERPRISE 430"
      },
      {
        "status": "affected",
        "version": "2025"
      },
      {
        "status": "affected",
        "version": "ENTERPRISECLIENTTOOLS 430"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3557459

15 Apr 2026 00:35Current

7.1High risk

Vulners AI Score7.1

CVSS 3.14.7

EPSS0.00163

SSVC

CWE-79

cve-2025-0062 javascript injection sap businessobjects business intelligence confidentiality integrity browser