Lucene search
K

5 matches found

NVD
NVD
added 2025/02/11 1:15 a.m.6 views

CVE-2025-24867

SAP BusinessObjects Platform BI Launchpad does not sufficiently handle user input, resulting in Cross-Site Scripting XSS vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link,...

6.1CVSS0.00251EPSS
Exploits0References2
Circl
Circl
added 2025/02/11 1:11 a.m.6 views

CVE-2025-24867

creationtimestamp| type| source ---|---|--- 2025-02-11 01:11:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113982588694186995 2025-02-11 01:16:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuicsxtvi23 2025-02-11 03:07:55+00:00| seen|...

6.1CVSS5.8AI score0.00251EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/11 12:35 a.m.15 views

CVE-2025-24867 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform (BI Launchpad)

SAP BusinessObjects Platform BI Launchpad does not sufficiently handle user input, resulting in Cross-Site Scripting XSS vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link,...

6.1CVSS6.2AI score0.00251EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/11 12:35 a.m.15 views

CVE-2025-24867 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform (BI Launchpad)

SAP BusinessObjects Platform BI Launchpad does not sufficiently handle user input, resulting in Cross-Site Scripting XSS vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link,...

6.1CVSS0.00251EPSS
Exploits0References2
CVE
CVE
added 2025/02/11 12:35 a.m.54 views

CVE-2025-24867

CVE-2025-24867 affects SAP BusinessObjects Platform (BI Launchpad). The issue is an XSS vulnerability caused by insufficient input handling in BI Launchpad, enabling an unauthenticated attacker to craft a URL with a malicious script in an unprotected parameter. When a user clicks the link, the sc...

6.1CVSS6AI score0.00251EPSS
Exploits0References2
Rows per page
Query Builder