2 matches found
CVE-2019-0376
SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows an attacker to save malicious scripts in the publication name, which can be executed later by the victim, resulting in...
CVE-2019-0376
SAP BusinessObjects BI Platform (Web Intelligence HTML interface) is affected by CVE-2019-0376. Affected versions are before 4.2 and 4.3, where user input in publication names is not sufficiently encoded, enabling stored cross-site scripting: an attacker can save malicious scripts in a publicatio...