Lucene search
K

12 matches found

Prion
Prion
added 2022/04/12 5:15 p.m.14 views

Cross site scripting

SAP BusinessObjects Business Intelligence Platform BI Workspace - version 420, is susceptible to a Cross-Site Scripting attack by an unauthenticated attacker due to improper sanitization of the user inputs on the network. On successful exploitation, an attacker can access certain reports causing ...

4.3CVSS6AI score0.00802EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.5 views

The vulnerability of the BI Workspace module of the SAP BusinessObjects Business Intelligence platform allows a hacker to elevate their privileges by intercepting sessions or exposing protected information.

The vulnerability of the BI Workspace module of the SAP BusinessObjects Business Intelligence platform exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to elevate their privileges by intercepting sessions or disclose...

5.4CVSS5.9AI score0.00685EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/17 12:0 a.m.6 views

The vulnerability of the BI Workspace component of the SAP BusinessObjects Business Intelligence platform arises from deficiencies in the encryption of user-input data. This allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the BI Workspace component of the SAP BusinessObjects Business Intelligence platform exists due to deficiencies in the encryption of data entered by users. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

5.5CVSS5.6AI score0.00987EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2019/08/14 2:15 p.m.22 views

Information disclosure

Under certain conditions, SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.1, 4.2, 4.3, allows an attacker to access sensitive data such as directory structure, leading to Information Disclosure...

5CVSS5.2AI score0.01111EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/08/14 2:15 p.m.19 views

Cross site scripting

When creating a module in SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other...

4.9CVSS5.6AI score0.00685EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/14 1:48 p.m.19 views

CVE-2019-0334

When creating a module in SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other...

5.6AI score0.00685EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/08/14 1:43 p.m.23 views

CVE-2019-0331

Under certain conditions, SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.1, 4.2, 4.3, allows an attacker to access sensitive data such as directory structure, leading to Information Disclosure...

5.2AI score0.01111EPSS
Exploits0References2
Prion
Prion
added 2019/07/10 8:15 p.m.14 views

Cross site scripting

SAP BusinessObjects Business Intelligence Platform BI Workspace Enterprise, versions 4.1, 4.2, 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

4.3CVSS5.9AI score0.01325EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/07/10 7:7 p.m.24 views

CVE-2019-0326

SAP BusinessObjects Business Intelligence Platform BI Workspace Enterprise, versions 4.1, 4.2, 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

6AI score0.01325EPSS
Exploits0References3
OSV
OSV
added 2019/03/12 10:29 p.m.3 views

CVE-2019-0269

SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.10 and 4.20, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS5.8AI score
Exploits0References3
Prion
Prion
added 2019/03/12 10:29 p.m.22 views

Cross site scripting

SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.10 and 4.20, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

3.5CVSS5.3AI score0.00987EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/03/12 10:0 p.m.60 views

CVE-2019-0269

CVE-2019-0269 describes a cross-site scripting vulnerability in SAP BusinessObjects BI Platform (BI Workspace) affecting versions 4.10 and 4.20 . It results from insufficient encoding of user-controlled inputs , enabling potential execution of arbitrary script in a user’s browser within the affec...

5.4CVSS5.3AI score0.00987EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder