2 matches found
CVE-2022-41263
CVE-2022-41263 affects SAP BusinessObjects Business Intelligence Platform (Web Intelligence) v4.2/v4.3 (420, 430). Root cause: missing authentication check allows an authenticated non-administrator to modify data source information for a restricted document, yielding a limited integrity impact. N...
notionalCallback can be tricked by anyone
Handle pauliax Vulnerability details Impact Anyone can call function notionalCallback with arbitrary params and pass the auth check. The only auth check can be easily bypassed by setting sender param to the address of this contract. It allows to choose any parameter that I want: function...