2 matches found
CVE-2023-0018 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console)
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these reports are viewable...
CVE-2023-0018
CVE-2023-0018 concerns SAP BusinessObjects Business Intelligence Platform CMC. The vulnerability arises from improper input sanitization of user-controlled input in versions 420 and 430, enabling an attacker with basic user-level privileges to modify or upload crystal reports containing a malicio...