Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
[
{
"product": "SAP Business Objects",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "420"
}
]
}
]