2 matches found
CVE-2009-5099
The Connected documents confirm CVE-2009-5099 affects Pentaho BI Server (1.7.0.1062 and earlier) via a Cross‑Site Scripting vulnerability in the ViewAction component, exploitable through the outputType parameter. Root cause: insufficient input validation/sanitization of the outputType parameter a...
CVE-2009-5099
Cross-site scripting XSS vulnerability in ViewAction in Pentaho BI Server 1.7.0.1062 and earlier allows remote attackers to inject arbitrary web script or HTML via the outputType parameter...