Lucene search
K

164 matches found

OSV
OSV
added 2020/09/09 1:15 p.m.7 views

CVE-2020-6312

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, versions - 4.1, 4.2, allows an attacker with a non-administrative user account that can edit certain web page properties, can modify how a browser processes particular page elements, leading to stored Cross Site...

5.4CVSS6.3AI score0.00536EPSS
Exploits0References2
CVE
CVE
added 2020/09/09 12:52 p.m.50 views

CVE-2020-6288

The CVE-2020-6288 issue affects SAP Business Objects BI Platform (Web Intelligence HTML interface): an attacker with edit-doc rights can upload any file (including scripts) due to insufficient file-format validation, enabling unrestricted upload of dangerous file types and allowing modification o...

5.3CVSS5.2AI score0.00656EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/09 12:40 p.m.19 views

CVE-2020-6312

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, versions - 4.1, 4.2, allows an attacker with a non-administrative user account that can edit certain web page properties, can modify how a browser processes particular page elements, leading to stored Cross Site...

5.4CVSS5.3AI score0.00536EPSS
Exploits0References2
CVE
CVE
added 2020/09/09 12:40 p.m.54 views

CVE-2020-6312

The CVE-2020-6312 entry concerns SAP BusinessObjects BI Platform (Web Intelligence HTML interface), affected in version 4.1 and 4.2. A non-administrative user who can edit certain web page properties can influence how the browser processes specific elements, enabling stored Cross-Site Scripting a...

5.4CVSS5.3AI score0.00536EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/04/15 12:0 a.m.5 views

SAP Business Objects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2020-23029)

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface version 4.2 does not adequately encode user-controlled input, resulting in a cross-site scripting XSS vulnerability. The cross-site scripting vulnerability exists in SAP Business Objects Business Intelligence...

5.4CVSS6AI score0.00648EPSS
Exploits0References1
OSV
OSV
added 2020/04/14 7:15 p.m.3 views

CVE-2020-6231

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.8AI score0.00648EPSS
Exploits0References2
OSV
OSV
added 2020/04/14 7:15 p.m.5 views

CVE-2020-6222

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS6AI score0.0067EPSS
Exploits0References2
OSV
OSV
added 2020/04/14 7:15 p.m.2 views

CVE-2020-6226

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.8AI score0.00648EPSS
Exploits0References2
Prion
Prion
added 2020/04/14 7:15 p.m.23 views

Cross site scripting

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

3.5CVSS5.2AI score0.00648EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/04/14 7:15 p.m.23 views

Cross site scripting

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

3.5CVSS5.2AI score0.0067EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/04/14 7:15 p.m.17 views

Cross site scripting

Web Intelligence HTML interface in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

3.5CVSS5.2AI score0.00648EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/04/14 6:33 p.m.75 views

CVE-2020-6226

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface (v4.2) is affected by an XSS vulnerability due to insufficient encoding of user-controlled inputs. Cited sources describe the vulnerability as cross-site scripting affecting the Web Intelligence HTML interface; no...

5.4CVSS5.3AI score0.00648EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/04/14 6:18 p.m.75 views

CVE-2020-6222

CVE-2020-6222 affects SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) versions 4.1 and 4.2. The issue is due to insufficient encoding of user-controlled inputs, causing Cross-Site Scripting (XSS). The vulnerability’s impact is described as low to medium depen...

5.4CVSS5.3AI score0.0067EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/04/14 6:7 p.m.69 views

CVE-2020-6221

The CVE-2020-6221 issue affects SAP Business Objects Business Intelligence Platform, specifically the Web Intelligence HTML interface, versions 4.1 and 4.2. The root cause is insufficient encoding of user-controlled inputs, leading to Cross-Site Scripting (XSS). The connected documents consistent...

5.4CVSS5.3AI score0.00648EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/23 12:0 a.m.5 views

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

6.5CVSS6.5AI score0.01135EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/15 12:0 a.m.8 views

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform allows attackers to execute cross-site scripting attacks (XSS).

The vulnerability of SAP BusinessObjects Business Intelligence’s Web Intelligence component is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

5.5CVSS5.6AI score0.00526EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.5 views

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform, related to the lack of measures for cleaning incoming data, allows attackers to execute cross-site scripting attacks.

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00526EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.5 views

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform, related to the lack of measures for cleaning incoming data, allows attackers to execute cross-site scripting attacks.

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00733EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.5 views

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform, related to the lack of measures for cleaning incoming data, allows attackers to execute cross-site scripting attacks.

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00526EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/08 12:0 a.m.18 views

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform, related to the lack of measures for cleaning incoming data, allows attackers to execute cross-site scripting attacks.

The vulnerability of the Web Intelligence HTML interface of the SAP BusinessObjects Business Intelligence platform is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.5CVSS5.6AI score0.00526EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder