4 matches found
CVE-2023-0015
creationtimestamp| type| source ---|---|--- 2023-01-10 07:28:08+00:00| seen| https://t.me/cibsecurity/56211...
CVE-2023-0015 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence (Web Intelligence)
In SAP BusinessObjects Business Intelligence Platform Web Intelligence user interface - version 420, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS...
CVE-2023-0015 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence (Web Intelligence)
In SAP BusinessObjects Business Intelligence Platform Web Intelligence user interface - version 420, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS...
CVE-2023-0015
The CVE-2023-0015 issue affects SAP BusinessObjects BI Platform Web Intelligence UI (version 420). The root cause is that some calls return JSON with an incorrect Content-Type header, which can allow a custom application that accesses the Web Intelligence DHTML JSP to be vulnerable to cross-site ...