CVE-2017-6061
The CVE covers a Cross-Site Scripting (XSS) vulnerability in the SAP BusinessObjects Financial Consolidation 10.0.0.1933 product, exposed through the help component. Specifically, an attacker can trigger XSS by crafting a GET request to the help UI, notably /finance/help/en/frameset.htm, potentia...