SAP Business Warehouse Universal Data Integration Cross-Site Scripting Vulnerability

SAP Business Warehouse BW is an implementation of SAP's analytical data warehouse solution, Universal Data Integration UDI is a common data analysis interface. A cross-site scripting vulnerability exists in SAP BW UDI, which stems from the program's failure to adequately encrypt user input. A...

Cross site scripting

Cross-Site scripting XSS in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs...

CVE-2017-16685

Cross-Site scripting XSS in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs...

CVE-2017-16685

Cross-Site scripting XSS in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs...

CVE-2017-16685

CVE-2017-16685 refers to a Cross-Site Scripting (XSS) vulnerability in SAP Business Warehouse Universal Data Integration (U DI) affecting SAP BW UDI versions 7.10–7.50. The root cause is insufficient encoding of user-controlled inputs, enabling an attacker to execute malicious scripts in a victim...

Sql injection

SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema...

CVE-2013-7355

CVE-2013-7355 : The Red Hat, NVD and related records describe a SQL injection vulnerability in SAP BI Universal Data Integration . It allows remote attackers to execute arbitrary SQL commands via unspecified vectors, with the issue tied to the J2EE schema . The available sources do not provide ex...