3 matches found
CVE-2019-0335
Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console, versions 4.1, 4.2, 4.3, allows an attacker to store a malicious payload within the description field of a user account. The payload is triggered when the mouse cursor is moved over the...
CVE-2019-0335
Under certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console, versions 4.1, 4.2, 4.3, allows an attacker to store a malicious payload within the description field of a user account. The payload is triggered when the mouse cursor is moved over the...
CVE-2019-0335
SAP BusinessObjects BI Platform Central Management Console (versions 4.1–4.3) is affected by a stored XSS in the user description field. An attacker can store a payload in a user’s description that executes when the mouse hovers over the description in the UI’s info popup. The available documents...