2 matches found
CVE-2004-0534
CVE-2004-0534 is a documented XSS in Business Objects InfoView 5.1.4–5.1.8 / WebIntelligence 2.7.0–2.7.4. The root cause is incomplete server‑side validation for the document name during upload, allowing arbitrary script/HTML via the filename. Impact: remote attacker can inject script, potentiall...
CVE-2004-0534
Cross-site scripting XSS vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document...